K000153119: libtirpc vulnerability CVE-2021-46828

Security Advisory Description In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections. CVE-2021-46828 Impact...

Important: libtirpc

Issue Overview: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections. CVE-2021-46828 Affected Packages:...

ROS-20240411-09

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

OESA-2023-1652 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark...

OESA-2022-1795 libtirpc security update

Libtirpc is a Transport-Independent RPC library for Linux Security Fixes: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without...

DEBIAN-CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

UBUNTU-CVE-2021-46828

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svcrun infinite loop without accepting new connections...

CVE-2021-42260

TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD0 case. It can be triggered by a crafted XML message and leads to a denial of service...

[ASA-201707-28] wireshark-cli: denial of service

Arch Linux Security Advisory ASA-201707-28 ========================================== Severity: Low Date : 2017-07-26 CVE-ID : CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11410 CVE-2017-11411 Package : wireshark-cli Type : denial of service Remote : Yes Link :...

The vulnerability of Samba software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability exists in the internal Samba DNS server due to the lack of checking the QR field in the header of the incoming DNS request before sending the response. Exploiting this vulnerability allows malicious actors to cause service failures excessive CPU usage and reduced bandwidth...