Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

Cisco ONS 15000 Series ACK Packet Saturation DoS

Network Security News – Tuesday, April 11, 2006 Events

Cisco ONS 15000 Series ACK Packet Saturation DoS

Cisco ONS 15000 contains a flaw that may allow a remote denial of service against the device's control cards. The issue is triggered when connections are initiated to any of the administrative TCP ports listening on the server without completing a full three-way TCP handshake by omitting the final ACK packet. This will lead to a memory exhaustion problem and can result in a reset of the control cards on the platform, leading to a loss of availability.. Read more at osvdb.org/24434

Cisco ONS 15000 Series Crafted IP Packet DoS (CSCsd04168)

Cisco ONS 15000 platforms contain a flaw that may allow a remote denial of service against the device's control cards. The issue is triggered when a specially crafted IP packet is sent to control cards. This can result in a reset of the control cards on the platform, leading to a loss of availability. No further details have been provided.. Read more at osvdb.org/24436

Cisco ONS 15000 Series Crafted IP Packet DoS (CSCsc51390)

Cisco ONS 15000 platforms contain a flaw that may allow a remote denial of service against the device's control cards. The issue is triggered when a specially crafted IP packet is sent to control cards. This can result in a reset of the control cards on the platform, leading to a loss of availability. No further details have been provided.. Read more at osvdb.org/24435

Cisco ONS 15000 Series Malformed OSPF Packet DoS

Cisco ONS 15000 platforms contain a flaw that may allow a remote denial of service against the device's control cards. The issue is triggered when specially crafted OSPF packets are sent to control cards. This issue is present for unicast packets as well as multicast packets. This can result in a reset of the control cards on the platform, leading to a loss of availability.. Read more at osvdb.org/24437

Clam Anti-Virus cli_bitset_set() Function Memory Access DoS

Clam Anti-Virus contains a flaw that may allow a remote denial of service. The issue is triggered when the cli_bitset_set() function in libclamav/others.c attempts an invalid memory access, and will result in loss of availability for the service.. Read more at osvdb.org/24459

Clam Anti-Virus PE Header Parser Overflow

A remote overflow exists in Clam AntiVirus. The product fails to correctly verify the length of PE headers resulting in a heap overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/24457

Clam Anti-Virus Logging Code Format String

A remote format string vulnerability exists in Clam Anti-Virus. The logging routines in shared/output.c fail to correctly validate user-supplied input. With a specially crafted transaction including format strings, an attacker can cause arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/24458

GlobalSCAPE Secure FTP Server Custom Command Long Paraemter DoS

Secure FTP Server contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified command with a lengthy parameter line is passed to the server, and will result in loss of availability for the service.. Read more at osvdb.org/24451

Hosting Controller forum.mdb Remote User Credential Disclosure

Hosting Controller contains a flaw that may lead to an unauthorized information disclosure. The issue is caused due to user credentials being stored in the "forum/db/forum.mdb" database file inside the web root, which will disclose the administrator's username and password, resulting in a loss of confidentiality.. Read more at osvdb.org/24447

HP Color LaserJet 2500/4600 Toolbox Traversal Arbitrary File Access

HP Color Laserjet 2500/4600 Toolbox contains a flaw that allows a remote attacker to view outside of the web path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the URL.. Read more at osvdb.org/24396

Vuln: Horde Help Viewer Remote PHP Code Execution Vulnerability

Horde Help Viewer Remote PHP Code Execution Vulnerability. Read more at securityfocus.com/bid/17292

Vuln: PHPList Index.PHP Local File Include Vulnerability

PHPList Index.PHP Local File Include Vulnerability. Read more at securityfocus.com/bid/17429

Vuln: SIRE Lire.PHP Remote File Include Vulnerability

SIRE Lire.PHP Remote File Include Vulnerability

. Read more at securityfocus.com/bid/17428

Vuln: APT-webshop Modules.PHP Multiple SQL Injection Vulnerabilities

APT-webshop Modules.PHP Multiple SQL Injection Vulnerabilities. Read more at securityfocus.com/bid/17425

Re: IE6 Crash

Re: IE6 Crash. Read more at securityfocus.com/archive/1/430431

Re[2]: Bypassing ISA Server 2004 with IPv6

Re[2]: Bypassing ISA Server 2004 with IPv6

. Read more at securityfocus.com/archive/1/430435

Oracle read-only user can insert/update/delete data via specially crafted views

Oracle read-only user can insert/update/delete data via specially crafted views. Read more at securityfocus.com/archive/1/430434

TUGZip Archive Extraction Directory traversal

TUGZip Archive Extraction Directory traversal. Read more at securityfocus.com/archive/1/430433

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *