Page 116 of 580 results (0.021 seconds)

CVSS: 4.3EPSS: 96%CPEs: 16EXPL: 0

CVE-2014-0221 – openssl: DoS when sending invalid DTLS handshake

https://notcve.org/view.php?id=CVE-2014-0221

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. La función dtls1_get_message_fragment en d1_both.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h permite a atacantes remotos causar una denegación de servicio (recursión y caída de cliente) a través de un mensaje DTLS hello en una negociación DTLS inválida. A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. • http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://linux.oracle.com/errata/ELSA-2014-1053.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html http: • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 96%CPEs: 8EXPL: 1

CVE-2014-0195 – OpenSSL DTLS Fragment Out-Of-Bounds Write Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2014-0195

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. La función dtls1_reassemble_fragment en d1_both.c en OpenSSL anterior a 0.9.8za, 1.0.0 anterior a 1.0.0m y 1.0.1 anterior a 1.0.1h no valida debidamente longitudes de fragmentos en mensajes DTLS ClientHello, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (desbordamiento de buffer y caída de aplicación) a través de un fragmento no inicial largo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenSSL. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. • https://github.com/ricedu/CVE-2014-0195 http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Once-Bled-Twice-Shy-OpenSSL-CVE-2014-0195/ba-p/6501048 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.8EPSS: 70%CPEs: 9EXPL: 1

CVE-2014-2525 – libyaml: heap-based buffer overflow when parsing URLs

https://notcve.org/view.php?id=CVE-2014-2525

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file. Desbordamiento de buffer basado en memoria dinámica en la función yaml_parser_scan_uri_escapes en LibYAML anterior a 0.1.6 permite a atacantes dependientes de contexto ejecutar código arbitrario a través de una secuencia larga de caracteres codificados de porcentaje en una URI en un archivo YAML. • http://advisories.mageia.org/MGASA-2014-0150.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00022.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2014-0353.html http://rhn.redhat.com/errata/RHSA-2014-0354.html http://rhn.redhat.com/errata/RHSA-2014-0355.html http://secunia.com/advisories/57836 http://secunia.com/advisories/57966 http://secun • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 2%CPEs: 16EXPL: 0

CVE-2013-6393 – libyaml: heap-based buffer overflow when parsing YAML tags

https://notcve.org/view.php?id=CVE-2013-6393

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow. La función yaml_parser_scan_tag_uri en scanner.c en LibYAML anterior a 0.1.5 lleva a cabo un "cast" incorrecto, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y probablemente ejecutar código arbitrario a través de etiquetas manipuladas en YAML. • http://advisories.mageia.org/MGASA-2014-0040.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://osvdb.org/102716 http://rhn.redhat.com&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 5.0EPSS: 2%CPEs: 28EXPL: 0

CVE-2012-3534

https://notcve.org/view.php?id=CVE-2012-3534

GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections. GNU Gatekeeper anterior a v3.1 no limita el número de conexiones con el puerto de estado, lo que permite a atacantes remotos provocar una denegación de servicio (conexión y consumo de hilo) a través de un gran número de conexiones .. • http://lists.opensuse.org/opensuse-updates/2016-07/msg00070.html http://secunia.com/advisories/50343 http://www.gnugk.org/gnugk-3.1.html http://www.openwall.com/lists/oss-security/2012/08/25/3 http://www.openwall.com/lists/oss-security/2012/08/25/4 http://www.openwall.com/lists/oss-security/2012/08/27/1 http://www.osvdb.org/84862 http://www.securityfocus.com/bid/55198 https://exchange.xforce.ibmcloud.com/vulnerabilities/77975 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •