the original cloud security
Showing 51 - 75 of 166 RSS Feed

Memory Leak Files

OpenVZ Kernel 2.6.32 Memory Leaks
Posted Jul 5, 2013
Authored by Jonathan Salwan

OpenVZ kernel version 2.6.32 suffers from multiple memory leaks.

tags | advisory, kernel, memory leak
advisories | CVE-2013-2239
MD5 | c7043e797e0ab4ea599afa19f67edef9
Cisco Security Advisory 20130327-cce
Posted Mar 28, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affected by this vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP inspection.

tags | advisory, protocol, memory leak
systems | cisco
MD5 | 54f51a0646c56a0a69efdad73d9424a5
Ubuntu Security Notice USN-1760-1
Posted Mar 13, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1760-1 - A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. A memory leak was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS could trigger this flaw to cause a denial of service on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, memory leak
systems | linux, ubuntu
advisories | CVE-2013-0216, CVE-2013-0217, CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773, CVE-2013-0216, CVE-2013-0217, CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773
MD5 | bf974e96001c4add92de0057fa912944
Ubuntu Security Notice USN-1756-1
Posted Mar 7, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1756-1 - A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. A memory leak was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS could trigger this flaw to cause a denial of service on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, memory leak
systems | linux, ubuntu
advisories | CVE-2013-0216, CVE-2013-0217, CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773, CVE-2013-0216, CVE-2013-0217, CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773
MD5 | 76f0c9df3c89b3fe3d8bc62fe88a91c9
Debian Security Advisory 2631-1
Posted Feb 25, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2631-1 - Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi.

tags | advisory, web, denial of service, cgi, memory leak
systems | linux, debian
advisories | CVE-2012-5643, CVE-2013-0189
MD5 | df10306a30bcb3a990ed2d91b55b6afe
Mandriva Linux Security Advisory 2013-013
Posted Feb 20, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-013 - Multiple vulnerabilities has been found and corrected in Squid. Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via long POST requests, or crafted authentication credentials. cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service via a crafted request. NOTE: this issue is due to an incorrect fix for possibly involving an incorrect order of arguments or incorrect comparison. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, cgi, vulnerability, memory leak
systems | linux, mandriva
advisories | CVE-2012-5643, CVE-2013-0189
MD5 | 9f86798b70ae1edecb246a190dcbbeb8
Red Hat Security Advisory 2012-1304-01
Posted Sep 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1304-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local, memory leak
systems | linux, redhat
advisories | CVE-2012-2313, CVE-2012-2384, CVE-2012-2390, CVE-2012-3430, CVE-2012-3552
MD5 | 2b9799604fcb5b2cc63c4a498c6f5882
Red Hat Security Advisory 2012-1150-01
Posted Aug 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1150-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. A flaw was found in the way the Linux kernel's Event Poll subsystem handled resource clean up when an ELOOP error code was returned. A local, unprivileged user could use this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, redhat
advisories | CVE-2012-2390, CVE-2012-3375
MD5 | dc6120a3346e7ea6cef0c53a34f7f4b5
Debian Security Advisory 2525-1
Posted Aug 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2525-1 - It was discovered that Expat, a C library to parse XML, is vulnerable to denial of service through hash collisions and a memory leak in pool handling.

tags | advisory, denial of service, memory leak
systems | linux, debian
advisories | CVE-2012-0876, CVE-2012-1148
MD5 | bee79272ea2be6e83d58703f36c60b28
Red Hat Security Advisory 2012-1141-01
Posted Aug 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1141-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. Two memory leak flaws were found in the dhcpd daemon. A remote attacker could use these flaws to cause dhcpd to exhaust all available memory by sending a large number of DHCP requests.

tags | advisory, remote, denial of service, protocol, memory leak
systems | linux, redhat
advisories | CVE-2012-3571, CVE-2012-3954
MD5 | c9da33843699668bd16e0b1663972152
Mandriva Linux Security Advisory 2012-116
Posted Jul 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-116 - An error in the handling of malformed client identifiers can cause a DHCP server running affected versions to enter a state where further client requests are not processed and the server process loops endlessly, consuming all available CPU cycles. Under normal circumstances this condition should not be triggered, but a non-conforming or malicious client could deliberately trigger it in a vulnerable server. In order to exploit this condition an attacker must be able to send requests to the DHCP server. Two memory leaks have been found and fixed in ISC DHCP. The updated packages have been patched to correct these issues.

tags | advisory, memory leak
systems | linux, mandriva
advisories | CVE-2012-3571, CVE-2012-3954
MD5 | 8b3cbe9c81ae315761885e0079613fc8
Mandriva Linux Security Advisory 2012-115
Posted Jul 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-115 - An unexpected client identifier parameter can cause the ISC DHCP daemon to segmentation fault when running in DHCPv6 mode, resulting in a denial of service to further client requests. In order to exploit this condition, an attacker must be able to send requests to the DHCP server. An error in the handling of malformed client identifiers can cause a DHCP server running affected versions to enter a state where further client requests are not processed and the server process loops endlessly, consuming all available CPU cycles. Under normal circumstances this condition should not be triggered, but a non-conforming or malicious client could deliberately trigger it in a vulnerable server. In order to exploit this condition an attacker must be able to send requests to the DHCP server. Two memory leaks have been found and fixed in ISC DHCP. The updated packages have been upgraded to the latest version which is not affected by these issues.

tags | advisory, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2012-3570, CVE-2012-3571, CVE-2012-3954
MD5 | b8bec5432648e11ee761ae836102755b
Red Hat Security Advisory 2012-0731-01
Posted Jun 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0731-01 - Expat is a C library written by James Clark for parsing XML documents. A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted.

tags | advisory, denial of service, memory leak
systems | linux, redhat
advisories | CVE-2012-0876, CVE-2012-1148
MD5 | 6b0cea5917b20b83910735f2c3072852
Red Hat Security Advisory 2012-0676-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host.

tags | advisory, kernel, memory leak
systems | linux, redhat
advisories | CVE-2012-1601, CVE-2012-2121
MD5 | 75bbd88324ddd95cff9e55be111b3594
Debian Security Advisory 2459-2
Posted May 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2459-2 - The recent quagga update, DSA-2459-1, introduced a memory leak in the bgpd process in some configurations.

tags | advisory, memory leak
systems | linux, debian
MD5 | 5095afa51d00ac16ccca45fe30b0cebe
Intuit Help System Heap Corruption / Memory Leak
Posted Mar 30, 2012
Authored by Derek Soeder

Intuit Help System suffers from protocol URL heap corruption and memory leak vulnerabilities.

tags | exploit, vulnerability, protocol, memory leak
MD5 | c4a7ca65d102d5fbddb0b26479033d43
Cisco Security Advisory 20120328-zbfw
Posted Mar 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains four vulnerabilities related to Cisco IOS Zone-Based Firewall features. These vulnerabilities are as follows: Memory Leak Associated with Crafted IP Packets. Memory Leak in HTTP Inspection. Memory Leak in H.323 Inspection. Memory Leak in SIP Inspection Workarounds that mitigate these vulnerabilities are not available. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, web, vulnerability, memory leak
systems | cisco
advisories | CVE-2012-0387, CVE-2012-0388, CVE-2012-1310, CVE-2012-1315
MD5 | d01649c54dfd485810387931863753a1
Mandriva Linux Security Advisory 2012-041
Posted Mar 28, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-041 - A memory leak and a hash table collision flaw in expat could cause denial of service attacks. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2012-0876, CVE-2012-1148
MD5 | bc5d99bc968a3302928048a8bf550249
Cisco Security Advisory 20110928-cucm
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

tags | advisory, protocol, memory leak
systems | cisco
advisories | CVE-2011-2072
MD5 | 92d32bec8f7057cebc21076875e2fb9b
Cisco Security Advisory 20110928-sip
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

tags | advisory, remote, vulnerability, protocol, memory leak
systems | cisco, osx
advisories | CVE-2011-0939, CVE-2011-2072, CVE-2011-3275
MD5 | bc0662c54a51abc3c5b7b913522a0f91
Cisco Security Advisory 20110928-dlsw
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching (DLSw) feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol, memory leak
systems | cisco
advisories | CVE-2011-0945
MD5 | 46eb11cc4b60f4c92fd786d7d3a08117
Apache Tomcat 7.0.0 Through 7.0.16 Information Disclosure
Posted Aug 13, 2011
Authored by Mark Thomas | Site tomcat.apache.org

The re-factoring of XML validation for Tomcat 7.0.x re-introduced the vulnerability previously reported as CVE-2009-0783. This was initially reported as a memory leak. If a web application is the first web application loaded, this bug allows that web application to potentially view and/or alter the web.xml, context.xml and tld files of other web applications deployed on the Tomcat instance.

tags | advisory, web, memory leak
advisories | CVE-2011-2481
MD5 | fffc75ef02341bc27a0d78a4480c077e
Linux 2.6.37-rc1 serial_core TIOCGICOUNT Leak
Posted Mar 14, 2011
Authored by prdelka

Information leak exploit for Linux kernel versions 2.6.37-rc1 and below which leaks kernel stack space back to userland due to uninitialized struct member "reserved" in struct serial_icounter_struct copied to userland. Uses ioctl to trigger memory leak, dumps to file and displays to command line.

tags | exploit, kernel, memory leak
systems | linux
advisories | CVE-2010-4077
MD5 | 5561330a1567df8efd9ee941ff262eb5
Mandriva Linux Security Advisory 2011-006
Posted Jan 14, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-006 - The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections. Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

tags | advisory, remote, web, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2010-4539, CVE-2010-4644
MD5 | 21f68cfded4bb3660d0d738cd1483079
Call Of Duty: Black Ops Memory Leak
Posted Dec 3, 2010
Authored by Luigi Auriemma | Site aluigi.org

Call of Duty: Black Ops suffers from a remote memory leak vulnerability.

tags | advisory, remote, memory leak
MD5 | 9adeaf26d3957452c43264d43577a606
Page 3 of 7
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close