Page 2 of 10 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data, possibly involving a large sndbuf value. El servicio Perforce (p4s.exe) en Perforce Server 2008.1 permite a atacantes remotos producir una denegacion de servicio (caida de demonio) a traves de datos manipulados que posiblemente incluyan a valor grande de sndbuf. • http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html http://www.securityfocus.com/bid/36261 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command. Vulnerabilidad de salto de directorio en Perforce Server 2008.1 permite a usuarios remotos autenticados crear ficheros arbitrarios a traves de ..(punto punto) en el argumento del comando "añadir p4". • http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html http://www.securityfocus.com/bid/36261 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 1

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. El servicio Perforce (p4s.exe) de Perforce Server 2007.3/143793 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (parada del servicio) mediante la utilización de un comando server-DiffFile con un valor entero dentro de cierto rango, causando un bucle de ejecución hasta que toda la memoria es ocupada. • http://aluigi.altervista.org/adv/perforces-adv.txt http://aluigi.org/poc/perforces.zip http://secunia.com/advisories/29231 http://securityreason.com/securityalert/3735 http://www.securityfocus.com/archive/1/489179/100/0/threaded http://www.securityfocus.com/bid/28108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41017 https://exchange.xforce.ibmcloud.com/vulnerabilities/41361 • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 5%CPEs: 2EXPL: 0

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. El servicio Perforce (p4s.exe) en Perforce Server 2007.3/143793 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de los comandos (1) server-DiffFile o (2) server-ReleaseFile con un valor entero grande, el cual es utilizado en un cálculo de inicialización de array y lleva a un acceso a memoria no válido. • http://aluigi.altervista.org/adv/perforces-adv.txt http://aluigi.org/poc/perforces.zip http://secunia.com/advisories/29231 http://securityreason.com/securityalert/3735 http://www.securityfocus.com/archive/1/489179/100/0/threaded http://www.securityfocus.com/bid/28108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41016 https://exchange.xforce.ibmcloud.com/vulnerabilities/41363 • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 8%CPEs: 16EXPL: 2

The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference. El servicio Perforce (p4s.exe) en Perforce Server 2007.3/143793 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de un parámetro faltante a los comandos (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, y posiblemente otros sin especificar, lo que dispara una referencia a un puntero nulo. • https://www.exploit-db.com/exploits/31338 http://aluigi.altervista.org/adv/perforces-adv.txt http://aluigi.org/poc/perforces.zip http://secunia.com/advisories/29231 http://securityreason.com/securityalert/3735 http://www.securityfocus.com/archive/1/489179/100/0/threaded http://www.securityfocus.com/bid/28108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41015 • CWE-20: Improper Input Validation •