Posts Tagged ‘DoS-attack’

IBM logoVulnerability: vulnerabilities in IBM WebSphere DataPower XC10

Danger: Low
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-5756
CVE-2012-5758
CVE-2012-5759
Vector of operation: LAN
Impact: Denial of service
Security Bypass

Affected Products: IBM WebSphere DataPower XC10 2.x

Affected versions: WebSphere DataPower XC10 2.0.0.0 – 2.0.0.3, WebSphere DataPower XC10 2.1.0.0 – 2.1.0.2

Description:

Which can be exploited by malicious people to carry out DoS-attack.

1. The vulnerability is due to the fact that a certain functional control interface available without pre-authentication. A remote user can disable certain features. (more…)

Vulnerability

Denial of service in hostapd

Vulnerability: Denial of service in hostapd

Danger: Low
Availability of fixes: Instructions to fixe
Number of vulnerabilities: 1

CVE ID: CVE-2012-4445
Vector operation: Local Network
Impact: Denial of service

Affected products: Hostapd 0.x, hostapd 1.x

Affected versions: hostapd 0.6, perhaps the only one.
hostapd 1.0, perhaps the only one.

Description:

The vulnerability can be exploited to cause a DoS attack. (more…)

Vulnerability

ISC BIND Vulnerability

Vulnerability: Denial of service in ISC BIND

Danger: Medium
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-4244
Vector of operation: Remote
Impact: Denial of service

Affected products:

ISC BIND 9.9.x, 9.8.x, 9.7.x, 9.6.x, 9.5.x, 9.2.x, 9.4.x, 9.3.x

Affected versions:
ISC BIND versions 9.0.x to 9.6.x, 9.4-ESV to 9.4-ESV-R5-P1, 9.6-ESV to 9.6-ESV-R7-P2, from 9.7.0 to 9.7.6-P2, from 9.8.0 to 9.8.3-P2, from 9.9.0 to 9.9.1-P2

Description:

Which can be exploited by malicious people to a DoS attack (more…)

Broadcom

Vulnerability in the Wi-Fi modules

In the two non-wireless Internet access production Broadcom found serious flaw that can cause denial of service.

Researchers CoreSecurity Andres Blanco discovered a serious vulnerability in two Wi-Fi-module, which provides wireless access to the Internet, which are installed in a number of modern smartphones.

According to Blanco, chips made by Broadcom Corporation contain unterminated hole that attackers can use to carry out DoS-attacks.

In the study, Blanco found the vulnerability CVE-2012-2619 is present in the chipset BCM4325 and BCM4329 and allows a remote user to DoS-attack, using the read error beyond the borders of the data.

According to experts, the affected products Broadcom BCM4325 completed a number of modern gadgets production of various companies, including Apple iPhone 3GS, Apple iPod 2G, HTC Touch Pro 2, HTC Droid Incredible, Samsung Spica, Acer Liquid, Motorola Devour, and the car Ford Edge. (more…)

Vulnerability

DoS attack

Vulnerability: Denial of service in the BCM4325 and BCM4329

Danger: Low
Patch: Yes
Quantity of vulnerabilities: 1

Impact: Denial of service
Exploit: PoC code
Affected products: BCM4329, BCM4325

Affected versions:
– BCM4325
– BM4329

Description:

Which can be exploited by malicious people to a DoS attack.

An error in reading beyond the borders of the data. A remote user can cause denial of service. (more…)

Oracle LogoVulnerability: Multiple vulnerabilities in Oracle Solaris

Danger: High
Patch: Yes
Number of vulnerabilities: 19

Impact:

  • Denial of service
  • Disclosure of sensitive data
  • The introduction of a user’s session
  • Unauthorized manipulation of data
  • Elevation of Privilege

Java DangerVulnerability: Multiple vulnerabilities in Oracle Java

Danger: High
Patch: Yes
Number of vulnerabilities: 29

Impact:
Denial of service;
– Disclosure of sensitive data;
– Unauthorized manipulation of data;
– System compromise.

Affected Products: Oracle JavaFX 2.x (more…)

McAfee logoVulnerability: Denial of Service McAfee Firewall Enterprise

Danger: Middle
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-4244
Impact: Denial of service

Affected Products: McAfee Firewall Enterprise 8.x, Sidewinder Firewall 7.x

Affected versions: McAfee Firewall Enterprise 8.x, perhaps the only one.
Sidewinder Firewall 7.x, possibly other versions. (more…)

Cisco logoVulnerability: Denial of service in Cisco Unified Presence and Cisco Jabber XCP

Danger: middle
CVE ID: CVE-2012-3935
Remote:     Yes
Local:     No
Impact: Denial of service
Affected Products:

– Cisco Jabber Extensible Communications Platform (Jabber XCP) 5.x;
– Cisco Unified Presence 8.x. (more…)

Apache VulnerabilityA remote user can conduct DoS-attack.

Affected products: Apache Struts 2.x

Affected versions: Apache Struts versions prior to 2.3.4.1.

Description:

The vulnerability allows malicious people to conduct XSS attacks. (more…)