Tag

Dos

All articles tagged with #dos

18-year-old NGINX flaw raises DoS risk and possible RCE in certain configs
security · 12 days ago

An 18-year-old heap buffer overflow in NGINX's rewrite_module (CVE-2026-42945) can cause denial of service and, under specific rewrite configurations, unauthenticated remote code execution. Patches are available in NGINX Open Source 1.31.0 and 1.30.1 and related F5 products. Real-world exploitability is debated, with ASLR disabled to enable RCE in PoC tests, but the DoS risk makes patching or applying mitigations urgent.

Microsoft releases the oldest DOS source code yet, tracing back to 86-DOS
technology · 27 days ago

Microsoft has published what it calls the earliest DOS source code discovered to date, including the 86-DOS 1.00 kernel, PC-DOS 1.00 development snapshots, and utilities like CHKDSK, all in the same GitHub repository. A team of historians known as the DOS Disassembly Group transcribed decades-old printouts for preservation, noting that the release predates the MS-DOS branding and follows earlier open-source MS-DOS releases from 2014, 2018, and 2024.

DR-DOS Returns as a Clean-Room 9.0 Beta
retrocomputing · 2 months ago

A Reddit user has created a clean-room reimplementation of DR-DOS, calling it version 9.0 and placing it in beta after purchasing the trademark. The project aims for full compatibility with DOS, currently runs DOOM, and is free for non-commercial use for now, though the author has not open-sourced the code due to IP/licensing considerations tied to DR-DOS' history with Novell and Caldera.

CrashFix Chrome Campaign Traps Users With DoS Crash to Deliver ModeloRAT
cybersecurity · 4 months ago

Security researchers detail KongTuke's CrashFix campaign, where a counterfeit Chrome extension named NexShield clones uBlock Origin Lite, issues a fake security warning, and triggers a DoS-style crash to coerce users into running a command. The attack uses a 60-minute delayed, multi-stage payload that reports a unique ID to nexsnield[.]com, fetches subsequent stages via PowerShell, and loads the ModeloRAT payload on domain-joined machines via RC4-encrypted C2 and Registry persistence; standalone hosts see a testing payload first. The operation leverages a traffic distribution system and underscores evolving social engineering and self-sustaining infection loops.

Node.js patches mitigate async_hooks stack overflow DoS risk
technology · 4 months ago

Node.js released patches for a critical vulnerability in which async_hooks can cause a stack-overflow DoS: the runtime exits with code 7 instead of raising a catchable error. Tracked as CVE-2025-59466 (CVSS 7.5), it affects many apps and frameworks (including React Server Components and Next.js) and APMs. Updates are available in Node.js 20.20.0+, 22.22.0+, 24.13.0+, and 25.3.0, while the older 8.x–18.x lines remain EOL. Upgrade promptly and apply stronger stack-space protections; other high-severity fixes were released too.

Cisco Issues Urgent Fix for Critical IOS Zero-Day Exploits
network-security · 8 months ago

Cisco has issued a warning about a high-severity, actively exploited vulnerability in IOS and IOS XE Software (CVE-2025-20352) that affects SNMP and allows remote attackers with certain credentials to execute arbitrary code or cause a denial of service. The flaw, rooted in a stack overflow, has been patched in Cisco IOS XE Software Release 17.15.4a; mitigation involves restricting SNMP access to trusted users and monitoring SNMP activity.

Affordable Retro Pocket 386 Laptop Revives DOS and Windows 95 for Under $200
technology · 1 year ago

The Pocket 386 is a mini laptop designed for retro computing, featuring a 7-inch display, a 386 SX compatible processor, and support for MS-DOS and Windows 95. Available for under $200 on AliExpress, it includes 8MB of memory, a CompactFlash card reader, and various vintage connectors. Two configurations are offered: a standard black chassis and a slightly more expensive transparent case.

"Massive SonicWall Firewall Vulnerability Exposes 178K Devices to DoS and RCE Attacks"
cybersecurity · 2 years ago

Over 178,000 SonicWall next-generation firewalls with exposed management interfaces are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks due to two security flaws. Attackers can exploit these vulnerabilities to force the appliances into maintenance mode, disrupting corporate networks' VPN access. Admins are urged to ensure the management interface is not exposed online and to promptly update to the latest firmware versions. SonicWall's history includes being targeted in cyber-espionage attacks and by ransomware gangs, making these vulnerabilities a significant concern for over 500,000 exposed appliances worldwide.