Posts Tagged ‘Denial of Service’

MySql

Multiple vulnerabilities

Vulnerability: Multiple vulnerabilities in MySQL

Danger: High
Number of vulnerabilities: 4
CVE ID:

– CVE-2012-5611
– CVE-2012-5612
– CVE-2012-5614
– CVE-2012-5615

Vector of operation: LAN
Impact: Brute-force attack, Denial of service, System compromise

Affected products: MySQL 5.x

Affected versions: MySQL 5.x, perhaps the only one.

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system. (more…)

Vulnerability

Denial of service in OpenBSD

Vulnerability: Denial of service in OpenBSD

Danger: Low
Number of vulnerabilities: 1

Vector of operation: Network
Impact: Denial of service

Affected products: OpenBSD 5.1, OpenBSD 5.2

Affected versions:

– OpenBSD 5.1, perhaps the only one.
– OpenBSD 5.2, perhaps the only one.

Description:

The vulnerability can be exploited to cause a DoS attack.

The vulnerability is caused due to insufficient input validation when processing multiple RPC requests. This can be exploited via a specially crafted packet sent to TCP port 111, a DoS attack.

(more…)

FreeBSD Logo

Multiple vulnerabilities

Vulnerability: Multiple vulnerabilities in FreeBSD

Danger: Middle
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-4244
CVE-2012-5166
Vector of operation: Remote
Impact: Denial of service
Affected products: FreeBSD 7.4, FreeBSD 8.3, FreeBSD 9.0

Affected versions: FreeBSD 7.4, 8.3, 9.0

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

The product contains the vulnerable version of ISC BIND. A detailed description of vulnerabilities can be found here: (more…)

Vulnerability

Denial of service in hostapd

Vulnerability: Denial of service in hostapd

Danger: Low
Availability of fixes: Instructions to fixe
Number of vulnerabilities: 1

CVE ID: CVE-2012-4445
Vector operation: Local Network
Impact: Denial of service

Affected products: Hostapd 0.x, hostapd 1.x

Affected versions: hostapd 0.6, perhaps the only one.
hostapd 1.0, perhaps the only one.

Description:

The vulnerability can be exploited to cause a DoS attack. (more…)

Vulnerability

ISC BIND Vulnerability

Vulnerability: Denial of service in ISC BIND

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-5166
Vector of operation: Remote
Impact: Denial of service

Affected products: ISC BIND 9.6.x, 9.7.x, 9.8.x, 9.9.x

Affected versions: ISC BIND versions prior to 9.7.7, 9.7.6-P4, 9.6-ESV-R8, 9.6-ESV-R7-P4, 9.8.4, 9.8.3-P4, 9.9.2 and 9.9.1-P4

Description:

The vulnerability allows a remote user to cause a denial of service application.

An error in the processing of requests to a particular type of records. This can be exploited to crash the daemon. Successful exploitation of this vulnerability requires that a combination of RDATA name server was loaded from cache or authoritative name server. (more…)

Vulnerability

ISC BIND Vulnerability

Vulnerability: Denial of service in ISC BIND

Danger: Medium
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-4244
Vector of operation: Remote
Impact: Denial of service

Affected products:

ISC BIND 9.9.x, 9.8.x, 9.7.x, 9.6.x, 9.5.x, 9.2.x, 9.4.x, 9.3.x

Affected versions:
ISC BIND versions 9.0.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P2, from 9.7.0 to 9.7.6-P2, from 9.8.0 to 9.8.3-P2, from 9.9.0 to 9.9.1-P2

Description:

Which can be exploited by malicious people to a DoS attack (more…)

Opera Alert

Denial of service in Opera

Vulnerability: Denial of service in Opera

Danger: High
Patch: Yes
Quantity of vulnerabilities: 5

Impact:
– Cross-site scripting;
– Security Bypass;
– System compromise.

Be exploited: No Information
Affected products: Opera 12.x

Affected versions: Opera versions until 12.10 (more…)

Adobe Flash

Denial of service in the Adobe Flash Player

Vulnerability: Denial of service in the Adobe Flash Player

Danger: High
Patch: Yes
Quantity of vulnerabilities: 7

CVE ID: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280

Impact: System Compromise
Affected Products: Adobe Flash Player 11.x
Adobe AIR 3.x

Affected versions:
– Adobe Flash Player for Windows and Macintosh versions prior to 11.5.502.110;
– Adobe Flash Player for Linux versions prior to 11.2.202.251;
– Adobe Flash Player for Android 4.x versions prior to 11.1.115.27;
– Adobe Flash Player for Android 3.x and 2.x versions prior to 11.1.111.24;
– Adobe AIR for Windows and Macintosh versions prior to 3.5.0.600;
– Adobe AIR SDK versions prior to 3.5.0.600 (more…)

Google Chrome

Denial of service in Google Chrome

Vulnerability: Denial of service in Google Chrome

Danger: High
Patch: Yes
Quantity of vulnerabilities: 19

Impact: Security Bypass
System compromise

Affected products: Google Chrome 22.x

Affected versions: Google Chrome versions prior to 23.0.1271.64

CVE ID: CVE-2012-5127, CVE-2012-5120, CVE-2012-5118, CVE-2012-5117, CVE-2012-5119, CVE-2012-5122, CVE-2012-5123, CVE-2012-5124, CVE-2012-5125, CVE-2012-5126, CVE-2012-5128 (more…)

Vulnerability

DoS attack

Vulnerability: Denial of service in the BCM4325 and BCM4329

Danger: Low
Patch: Yes
Quantity of vulnerabilities: 1

Impact: Denial of service
Exploit: PoC code
Affected products: BCM4329, BCM4325

Affected versions:
– BCM4325
– BM4329

Description:

Which can be exploited by malicious people to a DoS attack.

An error in reading beyond the borders of the data. A remote user can cause denial of service. (more…)