CVE-2020-7566

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

CVE-2020-7565

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

CVE-2020-7565

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

Schneider Electric Modicon M221 Security Breach

The Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. The Modicon M221 has a security vulnerability that stems from the presence of a small-space random-value vulnerability, which can be exploited by an attacker to defeat an encryption key when...

PT-2020-13685

Name of the Vulnerable Software and Affected Versions Western Digital iNAND devices through 2020-06-03 Description A security issue has been identified in the Replay Protected Memory Block RPMB protocol, which is used by storage devices to secure trusted firmware. This issue can be exploited in...

[ASA-202011-13] wireshark-cli: denial of service

Arch Linux Security Advisory ASA-202011-13 ========================================== Severity: Low Date : 2020-11-17 CVE-ID : CVE-2020-28030 Package : wireshark-cli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1258 Summary ======= The package wireshark-cli befo...

CVE-2020-12355

Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in IntelR TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

CVE-2020-12355

Authentication bypass by capture-replay in RPMB protocol message authentication subsystem in IntelR TXE versions before 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

NFCGate - An NFC Research Toolkit Application For Android

NFCGate is an Android application meant to capture, analyze, or modify NFC traffic. It can be used as a researching tool to reverse engineer protocols or assess the security of protocols against traffic modifications. Notice This application was developed for security research purposes by student...

CTXReports

CTXReports Tool Version 1.0 Created Date: January 30, 2009 Updated Date: January 30, 2009 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to...

The vulnerability of the print-802_11.c component in the tcpdump utility for capturing and analyzing network traffic allows a hacker to induce a service failure.

The vulnerability of the print-80211.c tool, which is used for capturing and analyzing network traffic with tcpdump, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing OSPFv3 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing LMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...

tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing ISAKMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

The vulnerability of the SMB protocol implementation in tools for intercepting and analyzing network traffic with tcpdump allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SMB protocol implementation for capturing and analyzing network traffic using tcpdump exists due to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to Using Components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2020-11868 DESCRIPTION: NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with...

Security Bulletin: JQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)

Summary JQuery as used in IBM Security QRadar Packet Capture is vulnerable to Cross Site Scripting XSS Vulnerability Details CVEID: CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote...

Fedora: Security Advisory for tcpreplay (FEDORA-2020-e45cf8ea43)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for tcpreplay (FEDORA-2020-0e036c907e)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...