Next Page >>
Flood Attack
=======
Cisco ASA 5500 Series Adaptive Security Appliances are affected by the
following vulnerabilities:
* TCP Connection Exhaustion Denial of Service Vulnerability
* Session Initiation Protocol (SIP) Inspection Denial of Service
Vulnerabilities
* Skinny Client Control Protocol (SCCP) Inspection Denial of
Service Vulnerability
* WebVPN Datagram Transport Layer Security (DTLS) Denial of Service
advisory outlines the details of these vulnerabilities:
* VPN Authentication Bypass when Account Override Feature is Used
vulnerability
* Crafted HTTP packet denial of service (DoS) vulnerability
* Crafted TCP Packet DoS vulnerability
* Crafted H.323 packet DoS vulnerability
The only thing I could do was to logout and then log back in. Task Manager
was unable to help me even though it was set to "Always On Top". If the Task
Manager was opened first then I might have had a chance but if it weren't
then 4 out of 5 times the best option would be to logout and then re-login.
I believe this is a kind of functionality bug versus denial of service bug
in FireFox which unfortunately is not related to the Chrome Bug.
This was tested at my work since I don't have Google chrome installed on my
linux installation at home. However I believe this can be used / triggered
against any other application installed that FireFox knows exists on the
>> contacts?
>>
>> MustLive wrote:
>>> Hello Susan!
>>>
>>>> Granted I can denial of service a browser just by loading up a horrible
>>>> add in or just using a browser
>>>
>>> DoS of the browser is already bad thing. And there are many risks for
>>> users
>>> from DoS holes in browsers, which I wrote about in 2008 in my articles
Multiple vulnerabilities exist in the Cisco Wireless LAN Controller
(WLC) platforms. This security advisory outlines the details of the
following vulnerabilities:
* Malformed HTTP or HTTPS authentication response denial of service
vulnerability
* SSH connections denial of service vulnerability
* Crafted HTTP or HTTPS request denial of service vulnerability
* Crafted HTTP or HTTPS request unauthorized configuration
modification vulnerability
> contacts?
>
> MustLive wrote:
>> Hello Susan!
>>
>>> Granted I can denial of service a browser just by loading up a horrible
>>> add in or just using a browser
>>
>> DoS of the browser is already bad thing. And there are many risks for
>> users
>> from DoS holes in browsers, which I wrote about in 2008 in my articles
#2009-014 Android denial-of-service issues
Description:
Android, an open source mobile phone platform, is affected by two bugs
that lead to denial-of-service (DoS) conditions.
Two separate DoS issues have been independently reported to oCERT.
for all readers of the list.
First of all, readers of both Bugtraq and Full-disclosure must understand,
that if you had no questions to my first advisory (from this series of
advisories (I posted three already) of vulnerabilities in browsers,
which belong to group of DoS via protocol handlers), then there must be no
questions for next advisories. Otherwise it'll be double standards (not
moaning on 1st advisory and moaning on 2nd and 3rd ones) and as I already
wrote to the lists, double standards are bad and better to not use them.
Second, I repeat one more time :-), that there can be also made attack
CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848
CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063
CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.
The package versions referenced in the initial DSA-1503 advisory
introduced a regression that can cause hangs on systems that make use of
the ext2 filesystem. The regression has been resolved in the package
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial
of Service Vulnerabilities
Revision 1.0
For Public Release 2008 February 13 1600 UTC (GMT)
CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848
CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063
CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-2731
Hello Susan!
> Granted I can denial of service a browser just by loading up a horrible
> add in or just using a browser
DoS of the browser is already bad thing. And there are many risks for users
from DoS holes in browsers, which I wrote about in 2008 in my articles
Dangers of DoS attacks on browsers and Dangers of resources consumption DoS
attacks. But mostly browser developers ignore to fix these issues.
to contacts?
MustLive wrote:
> Hello Susan!
>
>> Granted I can denial of service a browser just by loading up a horrible
>> add in or just using a browser
>
> DoS of the browser is already bad thing. And there are many risks for
> users
> from DoS holes in browsers, which I wrote about in 2008 in my articles
CVE-2007-3739 CVE-2007-3740 CVE-2007-3848 CVE-2007-4133
CVE-2007-4308 CVE-2007-4573 CVE-2007-5093 CVE-2007-6063
CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2006-5823
>>> which I called by general name DoS via protocol handlers, to which
>>> belonged
>>> and previous DoS attack via mailto handler.
>>>
>>> Now I'm informing about DoS in different browsers via protocols news and
>>> nntp. These Denial of Service vulnerabilities belongs to type
>>> (http://websecurity.com.ua/2550/) blocking DoS and resources consumption
>>> DoS. These attacks can be conducted as with using JS, as without it (via
>>> creating of page with large quantity of iframes).
>>>
>>> DoS:
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00571568
Version: 11
HPSBUX01137 SSRT5954 rev.11 - HP-UX Running TCP/IP (IPv4), Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2005-04-24
Last Updated: 2007-10-03
>> which I called by general name DoS via protocol handlers, to which
>> belonged
>> and previous DoS attack via mailto handler.
>>
>> Now I'm informing about DoS in different browsers via protocols news and
>> nntp. These Denial of Service vulnerabilities belongs to type
>> (http://websecurity.com.ua/2550/) blocking DoS and resources consumption
>> DoS. These attacks can be conducted as with using JS, as without it (via
>> creating of page with large quantity of iframes).
>>
>> DoS:
I was carried away because the author used scripts (in a global script tag)
in the PoC of the issue in question which made unconditional recursion
possible.
Without scripts enabled, if iframe's src property is set to itself(?), it is
parsed upto 1 level (i.e. not recursed). Hence it doesn't affect or DoS the
latest browsers (the best I can say...).
A few other points:
1. if a links/ads or any other content-syndication provider allow unverified
Hello Bugtraq!
I want to warn you about File Download and Denial of Service vulnerabilities
in Mozilla Firefox, Internet Explorer, Google Chrome and Opera. Earlier I
already wrote about DoS vulnerabilities in different browsers via different
protocol handlers. And now I'll tell about research concerned with attacks
via protocols http and ftp which I made already in 2008 and published at
30.06.2010.
-----------------------------
Synopsis
========
Multiple vulnerabilities have been discovered in Ruby that allow for
attacks including arbitrary code execution and Denial of Service.
Background
==========
Ruby is an interpreted object-oriented programming language. The
Team Vexillium
Security Advisory
http://vexillium.org/
Name : WinImage 8.10 Multiple Vulnerabilities
Class : Denial of Service and Directory Traversal
Threat level : LOW (DoS), MED (Dir. traversal vuln)
Discovered : 2007-08-31
Published : 2007-09-15
Credit : j00ru//vx
Vulnerable : WinImage 8.10,
Summary
=======
Cisco Unified Contact Center Express (UCCX or Unified CCX) contains a denial of
service (DoS) vulnerability and a directory traversal vulnerability. These
vulnerabilities are independent of each other.
Exploitation of these vulnerabilities could result in a DoS condition or an
information disclosure.
exploitation of the SQL injection vulnerability may allow an
authenticated attacker to execute SQL statements that can cause
instability of the product or changes in the configuration.
Additionally, the Cisco Security Agent is affected by a denial of
service (DoS) vulnerability. Successful exploitation of the Cisco
Security Agent agent DoS vulnerability may cause the affected system
to crash. Repeated exploitation could result in a sustained DoS
condition.
These vulnerabilities are independent of each other.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20090826-cucm
Revision 1.0
advisory outlines details of these vulnerabilities:
* Crafted TCP ACK Packet Vulnerability
* Crafted TLS Packet Vulnerability
* Instant Messenger Inspection Vulnerability
* Vulnerability Scan Denial of Service
* Control-plane Access Control List Vulnerability
The first four vulnerabilities may lead to a denial of service (DoS)
condition and the fifth vulnerability may allow an attacker to bypass
control-plane access control lists (ACL).
Hello Bugtraq!
I want to warn you about Denial of Service vulnerabilities in Firefox,
Internet Explorer, Chrome and Opera. Which belong to type of DoS via
protocol handlers. Earlier I already wrote about DoS vulnerabilities in
Firefox, Internet Explorer, Chrome and Opera and DoS attacks on email
clients via protocol handlers. This new advisory will show you the situation
of browsers behavior with other protocol handlers.
All those who doubt that these DoS vulnerabilities in browsers and email
== The problem ==
Even though MIME is pretty old, many people have not yet learned how to
parse MIME correctly. The problem is that the number of MIME-parts of an
email and the depth of recursion is potentially unlimited. Some software
like the popular rfc2045 library of the courier-mta solve this problem by
discarding mails with too many MIME-parts as a Denial of Service attack.
This is probably the best approach to handle this problem.
== Proof-of-Concept: Nesty ==
The nesty attack abuses the message/rfc822 type. The following example
crashes a lot of software, which tries to parse it recursively and
brlc> == The problem ==
brlc> Even though MIME is pretty old, many people have not yet learned how to
brlc> parse MIME correctly. The problem is that the number of MIME-parts of an
brlc> email and the depth of recursion is potentially unlimited. Some software
brlc> like the popular rfc2045 library of the courier-mta solve this problem by
brlc> discarding mails with too many MIME-parts as a Denial of Service attack.
brlc> This is probably the best approach to handle this problem.
brlc> == Proof-of-Concept: Nesty ==
brlc> The nesty attack abuses the message/rfc822 type. The following example
brlc> crashes a lot of software, which tries to parse it recursively and
Syhunt: HFS (HTTP File Server) Log Arbitrary File/Directory
Manipulation and Denial-of-Service Vulnerabilities
Advisory-ID: 200801162
Discovery Date: 1.16.2008
Release Date: 1.23.2008
Affected Applications: HFS 2.2 to and including 2.3(Beta Build
#174)
Non-Affected Applications: HFS 2.1d and earlier versions
Class: Arbitrary File/Directory Manipulation, Denial of Service
3APA3A wrote:
> Can you, please explain why is this security bug?
I think you mistake my posting. I did not want to say that this issue is a (real) *security* vulnerability but I definitely would call it a DoS bug.
> DoS is not software crash, DoS is Denial of Service. It means,
> security impact of DoS vulnerability should be preventing (blocking)
> access of legitimate user to some data or service (via data
> corruption, service malfuction, etc).
It seems we have a different understanding of the term "Denial Of Service". In my opinion your explanation exactly matches this issue. As you said DoS is the attempt to make a (computer) resource unavailable to its user via data corruption etc. Here Winamp is the computer resource and the M3U file is the corrupted data. Sure the user can easily recover from this "DoS" by restarting the audio player and to be exact the M3U file is not a great example for corrupted data but I would still call this issue a DoS bug.
Next Page>>
|
