Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-02 | CVE-2009-4008 | Resource Management Errors vulnerability in Nlnetlabs Unbound Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query. | 5.0 |
| 2011-06-02 | CVE-2011-1947 | Resource Management Errors vulnerability in Fetchmail fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets. | 5.0 |
| 2011-05-31 | CVE-2011-1922 | Resource Management Errors vulnerability in Nlnetlabs Unbound daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling. | 4.3 |
| 2011-05-31 | CVE-2011-1651 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | 7.8 |
| 2011-05-31 | CVE-2011-1649 | Resource Management Errors vulnerability in Cisco products The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, aka Bug IDs CSCtg67333 and CSCth25341. | 7.8 |
| 2011-05-31 | CVE-2011-0949 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417. | 7.8 |
| 2011-05-31 | CVE-2011-0943 | Resource Management Errors vulnerability in Cisco IOS XR 3.8.3/3.8.4/3.9.1 Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147. | 7.8 |
| 2011-05-26 | CVE-2011-2173 | Resource Management Errors vulnerability in IBM Websphere Portal 6.0.1.7/7.0.0.1 The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests. | 4.0 |
| 2011-05-24 | CVE-2011-1521 | Resource Management Errors vulnerability in Python The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs. | 6.4 |
| 2011-05-23 | CVE-2011-1575 | Resource Management Errors vulnerability in Pureftpd Pure-Ftpd The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. | 5.8 |