303 matches found
Cisco ASA Management Interface XML Parser DoS Vulnerability (cisco-sa-20151123-asa)
A vulnerability in the XML parser of the management interface of Cisco ASA may lead to a denial of service. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Cisco ASA Management Interface XML Parser Denial of Service Vulnerability
A vulnerability in the XML parser of the management interface in Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause system instability and possibly crash an affected system. The vulnerability is due to insufficient hardening of the XML parser cod...
Cisco Patches File Overwrite Bug in IMC Supervisor and UCS Director
Cisco has patched a remote file-overwrite vulnerability in a couple of its products that could allow an attacker to replace arbitrary files and cause target systems to become unstable. The vulnerability affects the Cisco Integrated Management Controlled Supervisor and UCS Director software. The...
Cisco ASA DNS Memory Exhaustion Vulnerability (cisco-sa-20150408-asa)
Cisco ASA is prone to a DNS memory exhaustion vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
Cisco ASA Software SSL VPN Memory Blocks Exhaustion Vulnerability
A vulnerability in the SSL VPN feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory, which could lead to system instability and availability issues on the SSL VPN services. The vulnerability is due to improper implementation of...
Cisco TelePresence MCU Software Memory Exhaustion Vulnerability
A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system. Cisco has released software updates that address this...
MS11-080 AfdJoinLeaf Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1426-1)
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Barwolf discovered a flaw in the KVM kernel-based virtual machin...
Oracle Database Server SQL Injection In Package SYS.KUPV (CVE-2006-0586)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
Microsoft Windows csrss (?) memory corruption exploited in-the-wild
Dear [email protected], On one of Russian forum security vulnerability is discussed in Microsoft Windows Windows XP is tested. A vulnerability is caused by memory corruption is string beginning with "?" is send thorugh MessageBox API with MBSERVICENOTIFICATION flag. It looks like some "debug"...
Veritas Backup Exec Agent 8.x/9.x Browser Overflow (c version)
No description provided by source. / Got to give it to class101 on this one. Tested and penetrated. / str0ke / / VERITAS Backup Exec v9.1.4691.SP1 v9.1.4691.SP0 v8.5.3572 Agent Browser Service, Remote Stack Overflow Highly Critical All credits to: -iDEFENSEdiscovery-www.iDEFENSE.com, -Thor...
Mandrake Linux Security Advisory : evolution (MDKSA-2003:045)
Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service source: https://www.securityfocus.com/bid/8821/info WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the...
WinSyslog Interactive Syslog Server 4.21 - long Message Remote Denial of Service
source: https://www.securityfocus.com/bid/8821/info WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the program receives multiple excessive syslog messages via the port it listens on...
Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption
Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption source: https://www.securityfocus.com/bid/7926/info It has been reported that Mailtraq does not reliably handle format strings in some SMTP protocol fields. This may cause a system to become unstable and crash, allowing a remote...
[Opera 7/6] Long File Extension Heap Buffer Overrun Vulnerability in Download.
Greetings. We, :: Operash :: here release the information about vulnerability of Opera. --------------------------------------------------------------------------------- SUMMARY : Opera 7/6 Long File Extension Heap Buffer Overrun Vulnerability in Download. PRODUCT : Opera for Windows VERSIONS :...
[DDI-1012] Malformed request causes denial of service in HP Instant TopTools
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Digital Defense Inc. Security Advisory DDI-1012 [email protected] http://www.digitaldefense.net/ -...
DDI1012.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Digital Defense Inc. Security Advisory DDI-1012 [email protected] http://www.digitaldefense.net/ -...
CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent
Core Security Technologies Advisory http://www.coresecurity.com Multiple vulnerabilities in Ximian's Evolution Mail User Agent Date Published: 2003-03-19 Last Update: 2003-03-19 Advisory ID: CORE-20030304-01 Bugtraq IDs: 7117, 7118, 7119 CVE CAN: CAN-2003-0128 CAN-2003-0129 CAN-2003-0130 Title:...
Symantec Norton Internet Security 2003 - ICMP Packet Flood Denial of Service
Symantec Norton Internet Security 2003 - ICMP Packet Flood Denial of Service source: https://www.securityfocus.com/bid/6598/info Symantec Norton Internet Security 2003 is reported to be prone to a denial of service condition. It is possible to trigger this condition by sending an excessive...