CVE-2024-7294
Published 2024-10-09
CVE-2024-7294: In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack is possible on anonymous endpoints without rate limiting.
Priority P430 · medium · 6.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 0.31% (22.9th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | telerik_reporting | < 10.2.24.806 | 10.2.24.806 |
| progress_software_corporation | telerik_report_server | >= 1.0.0 < 10.2.24.806 | 10.2.24.806 |
Suricata
GPL NETBIOS SMB trans2open buffer overflow attempt
suricata·2010-09-23
CVE-2003-0201 GPL NETBIOS SMB trans2open buffer overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"GPL NETBIOS SMB trans2open buffer overflow attempt"; flow:established,to_server; content:"|00|"; depth:1; content:"|FF|SMB2"; depth:5; offset:4; content:"|00 14|"; depth:2; offset:60; byte_test:2,>,256,0,relative,little; reference:bugtraq,7294; reference:cve,2003-0201; reference:url,www.digitaldefense.net/labs/advisories/DDI-1013.txt; classtype:attempted-admin; sid:2102103; rev:11; metadata:created_at 2010_09_23, cve CVE_2003_0201, confidence High, signature_severity Major, updated_at 2024_03_08;)
No public exploits indexed.
No writeups or analysis indexed.