893 matches found
FlashAir do not set credential information in PhotoShare
Overview FlashAir by Toshiba Corporation is an SDHC memory card which provides wireless LAN access functions. FlashAir PhotoShare function enables to share the image data in a certain folder with other users as it switches the original wireless LAN connection set by FlashAir default to the wirele...
CVE-2017-6628
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...
kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash
Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...
CVE-2017-5632
An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service DoS. The attack...
CVE-2017-5632
An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service DoS. The attack...
What is promiscuous mode for a NIC (interface)
Question: What is promiscuous mode for a NIC interface? Answer: In a network,promiscuous modeallows a network device to intercept and read each network packet that arrives in its entirety. In anEthernetlocal area network LAN, promiscuous mode is a mode of operation in which...
Amazon Linux AMI : kernel (ALAS-2016-762)
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...
UBUNTU-CVE-2016-8596
Buffer overflow in the cspcanprocessframe in cspifcan.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet...
kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash
Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...
CentOS Update for kernel CESA-2016:2047 centos7
Check the version of kernel SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882577";...
USN-3099-1 linux vulnerabilities
Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...
CVE-2016-6159
The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...
Tesla Fixes 'Critical' Remote Hack Vulnerability
Several models of the Tesla S cars were hacked by researchers who were able to abruptly stop the car in its tracks, pop open the trunk while the car was being driven, and remotely turn on and off the windshield wipers. The hacks demonstrated by China’s Keen Security Lab, a division of Tencent, we...
Security Bypass Vulnerability in QQ Browser for Android
QQ Browser is a web browser developed by Tencent. A security bypass vulnerability exists in the Android version of QQ Browser. Since QQ Browser and QQ Hotspot for Android are in a local wifi LAN environment, they listen to local port 8786 and all local ip addresses. An attacker can use the...
The vulnerability of the Cisco Wireless LAN Controller 2100 software allows a malicious individual to cause service failure.
The vulnerability in Cisco Wireless LAN Controller WLC devices allows malicious actors to trigger a service failure device reboot by using specially crafted Ethernet frames based on 802.11 protocols...
Secret Chat Password Bypass Vulnerability
Secret Chat is a LAN chat tool. The tool suffers from a password bypass vulnerability when verifying account passwords. An attacker can attempt to crack the password and obtain user information...
CVE-2016-1379
Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...
CVE-2016-2354
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver before 2016-04-07 supports unrestricted pairing without a PIN, which allows remote attackers to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated by a CAN command to...
Lemur Vehicle Monitors BlueDriver Security Bypass Vulnerability
Lemur Vehicle Monitors BlueDriver is a product that scans aftermarket automotive equipment as well as vehicle performance information through an OBD-II port connected to the Vehicle. Lemur Vehicle Monitors BlueDriver handles Bluetooth connections without requiring a PIN code, allowing a remote...
Amped Wireless R10000 devices with firmware credential management vulnerability
Amped Wireless R10000 devices with firmware are the R10000 series routers from Amped Wireless. A credential management vulnerability exists in Amped Wireless R10000 devices with firmware 2.5.2.11. The device's web management interface has an administrator account, which allows remote attackers to...