6 matches found
OESA-2023-1498 golang security update
The Go Programming Language Security Fixes: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or...
SUSE CVE-2006-4924
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...
DEBIAN-CVE-2022-23959
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections...
openssh DoS
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...
openssh DoS
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...
DEBIAN-CVE-2006-4924
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...