Vulnerability & Exploit Database

Displaying entries 1 - 10 of 27 in total

Results for: CVE-2014-3145 Back to search

Juniper Junos OS: Multiple vulnerabilities in cURL and libcurl (JSA10743) (multiple CVEs) Vulnerability

  • Severity: 9
  • Published: April 24, 2015

The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80."

ELSA-2015-0290 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: September 28, 2014

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

Alpine Linux: CVE-2014-3533: dbus bugs in file descriptor passing Vulnerability

  • Severity: 2
  • Published: July 19, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.

Alpine Linux: CVE-2014-3532: dbus bugs in file descriptor passing Vulnerability

  • Severity: 2
  • Published: July 19, 2014

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.

USN-2290-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: July 03, 2014

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities Vulnerability

  • Severity: 7
  • Published: July 03, 2014

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

USN-2286-1: Linux kernel (Raring HWE) vulnerabilities Vulnerability

  • Severity: 7
  • Published: June 23, 2014

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.

RHSA-2014:0786: kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: June 07, 2014

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Kees Cook of Google for reportingCVE-2014-3153 and Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.Google acknowledges Pinkie Pie as the original reporter ofCVE-2014-3153. The CVE-2014-0206 issue was discovered by M...