DOS

Pierluigi Paganini January 30, 2020
Cisco Small Business Switches affected by DoS and information disclosure flaws

Cisco addressed high-severity flaws in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Cisco released security patches to addressed high-severity vulnerabilities in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Both issues could be exploited […]

Pierluigi Paganini December 19, 2019
Drupal addressed several issues, including a critical file processing bug

The Drupal development team released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. Drupal developers have released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. The most serious issue is related to the Archive_Tar third-party library, it has been assigned a […]

Pierluigi Paganini December 16, 2019
Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products

Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […]

Pierluigi Paganini December 09, 2019
Google fixes a critical DoS flaw tracked as CVE-2019-2232 in Android

Google addressed a critical vulnerability, tracked as CVE-2019-2232, that could trigger a permanent denial of service (DoS) condition in Android. Google released December 2019 security updates for its Android mobile OS that addressed several flaws, including a critical vulnerability, tracked as CVE-2019-2232, that could result in a permanent denial of service (DoS). Google addressed more […]

Pierluigi Paganini November 09, 2019
Cisco Talos discovered multiple flaws in the LEADTOOLS toolkits

Cisco Talos security researchers discovered multiple flaws in the LEADTOOLS imaging toolkits that could lead to code execution on the target system. LEAD addressed them this week. Security experts at Cisco Talos discovered four High severity vulnerabilities in the LEADTOOLS imaging toolkits that could be exploited to execute arbitrary code on the target system. LEADTOOLS […]

Pierluigi Paganini October 14, 2019
Talos experts found 11 flaws in Schneider Electric Modicon Controllers

Cisco Talos experts discovered nearly a dozen flaws affecting some of the models of Schneider Electric’s Modicon programmable logic controllers. Talos experts discovered 11 security flaws affecting some models of Schneider Electric’s Modicon programmable logic controllers. Affected models are Modicon M580, M340, BMENOC 0311, BMENOC 0321, Quantum, Premium, and Modicon BMxCRA and 140CRA. The unique […]

Pierluigi Paganini August 27, 2019
Code Execution and DoS flaw addressed in QEMU

The open-source emulator QEMU is affected by a flaw that could be exploited to trigger a (DoS) condition or gain arbitrary code execution. QEMU (short for Quick Emulator) is a free and open-source emulator that performs hardware virtualization. It emulates the machine’s processor through dynamic binary translation and provides a set of different hardware and device models for the machine, enabling it to run a […]

Pierluigi Paganini August 14, 2019
Flaws in HTTP/2 implementations expose servers to DoS attacks

Experts at Netflix and Google discovered eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations. Researchers from Netflix and Google discovered eight denial-of-service (DoS) flaws affecting various HTTP/2 implementations. Some of the flawed implementations belong to tech giants such as Amazon, Apple, Facebook, and Microsoft. The security flaws affect the most popular web server software, including […]

Pierluigi Paganini June 26, 2019
Silex malware bricks thousands of IoT devices in a few hours

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Akamai researcher Larry Cashdollar discovered a new piece of the Silex malware that is bricking thousands of IoT devices, over 2,000 devices have been bricked in a few hours and the […]

Pierluigi Paganini June 18, 2019
Multiple DoS vulnerabilities affect Linux and FreeBSD

Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition. Jonathan Looney, a security expert at Netflix, found three Linux DoS vulnerabilities, two of them related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, and one related only to MSS. The most severe […]