2 results (0.010 seconds)

CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0

Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname. Secure Internet Live Conferencing (SILC) Server versiones anteriores a 1.1.1 permite a atacantes remotos provocar una denegación de servicio (final erróneo del demonio) al utilizar un paquete NEW_CLIENT sin incluir un apodo. • http://secunia.com/advisories/29459 http://secunia.com/advisories/29946 http://security.gentoo.org/glsa/glsa-200804-27.xml http://silcnet.org/docs/release/SILC%20Server%201.1.1 http://www.securityfocus.com/bid/28450 http://www.securitytracker.com/id?1019711 http://www.vupen.com/english/advisories/2008/0919/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41307 •

CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 1

The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a request without a cipher algorithm and an invalid HMAC algorithm. La función SILC_SERVER_CMD_FUNC de apps/silcd/command.c de silc-server 1.0.2 permite a atacantes remotos provocar una denegación de servicio (referencia a NULL y caída de demonio) mediante una petición sin algoritmo de cifrado y un algoritmo inválido HMAC. • https://www.exploit-db.com/exploits/29716 http://marc.info/?l=full-disclosure&m=117320823618036&w=2 http://osvdb.org/33887 http://secunia.com/advisories/24426 http://secunia.com/advisories/24431 http://security.gentoo.org/glsa/glsa-200703-12.xml http://www.securityfocus.com/bid/22846 https://exchange.xforce.ibmcloud.com/vulnerabilities/32846 • CWE-476: NULL Pointer Dereference •