The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems allows attackers to bypass network attack detection functions.

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems is related to the implementation of an internal mechanism for handling TCP connections. Exploiting this vulnerability allows a malicious actor to bypass the network attack detection functions, which are...

CVE-2017-17216

Media Gateway Control Protocol MGCP in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An...

Flexense Disk Savvy Enterprise Buffer Error Vulnerability

Flexense Disk Savvy Enterprise is a free hard disk space analysis tool from Flexense Canada. A buffer overflow vulnerability exists in the control protocol in Flexense Disk Savvy Enterprise. A remote attacker can exploit this vulnerability by sending specially crafted packets to TCP port 9124 to...

CVE-2018-6481

A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124...

DEBIAN-CVE-2018-7286

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...

Cisco Unified Customer Voice Portal Denial of Service Vulnerability (CNVD-2018-05345)

Cisco Unified Customer Voice Portal CVP is a unified communications system for delivering voice and video self-service from Cisco.The Interactive Voice Response IVR management connection interface is one of the connectivity components that provides an open and extensible foundation for creating a...

Digium Asterisk Open Source and Certified Asterisk 'INVITE' Denial of Service Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A denial of service vulnerability exists in...

CVE-2017-15344

Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker coul...

CVE-2018-0137

A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...

CVE-2018-0137

A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...

DEBIAN-CVE-2018-6794

Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web...

Flexense SyncBreeze Enterprise Buffer Error Vulnerability

Flexense SyncBreeze Enterprise is a set of file synchronization tools from Flexense Canada. The tool has file management and data synchronization features. control protocol is one of the controller protocol. A buffer overflow vulnerability exists in the control protocol in Flexense SyncBreeze...

CVE-2018-6537

A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121...

Buffer overflow

A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121...

DEBIAN-CVE-2018-5703

The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service slab out-of-bounds write or possibly have unspecified other impact via vectors involving TLS...

Flexense Disk Pulse Enterprise Control Protocol Denial of Service Vulnerability

Flexense Disk Pulse Enterprise is a suite of disk monitoring tools from Flexense Canada, with Control Protocol as one of the control protocols. A denial of service vulnerability exists in Control Protocol in Flexense Disk Pulse Enterprise version 10.1.18. The vulnerability can be exploited to cau...

CVE-2017-15665

In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 8094...

CVE-2017-15664

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...

Denial of service

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...

CVE-2017-15662

In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9123...