1314 matches found
Moxa EDR-810 Information Disclosure Vulnerability
The EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and two-layer manageable switch functionality. An information disclosure vulnerability exists in the server proxy feature of the Moxa EDR-810 V4.1 build 17030317. An attacker can exploit this...
CVE-2017-12128
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...
PT-2018-5369 · Moxa · Moxa Edr-810
Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: An information disclosure issue exists in the Server Agent functionality. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigg...
DEBIAN-CVE-2018-1130
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls...
CVE-2018-5517
On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs...
DEBIAN-CVE-2018-9258
In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...
Wireshark Denial of Service Vulnerability (CNVD-2018-07438)
Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.TCP dissector is one of the transmission control protocol parsers. A security vulnerabili...
The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems allows attackers to bypass network attack detection functions.
The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems is related to the implementation of an internal mechanism for handling TCP connections. Exploiting this vulnerability allows a malicious actor to bypass the network attack detection functions, which are...
CVE-2017-17216
Media Gateway Control Protocol MGCP in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An...
Flexense Disk Savvy Enterprise Buffer Error Vulnerability
Flexense Disk Savvy Enterprise is a free hard disk space analysis tool from Flexense Canada. A buffer overflow vulnerability exists in the control protocol in Flexense Disk Savvy Enterprise. A remote attacker can exploit this vulnerability by sending specially crafted packets to TCP port 9124 to...
CVE-2018-6481
A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124...
DEBIAN-CVE-2018-7286
An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...
Cisco Unified Customer Voice Portal Denial of Service Vulnerability (CNVD-2018-05345)
Cisco Unified Customer Voice Portal CVP is a unified communications system for delivering voice and video self-service from Cisco.The Interactive Voice Response IVR management connection interface is one of the connectivity components that provides an open and extensible foundation for creating a...
Digium Asterisk Open Source and Certified Asterisk 'INVITE' Denial of Service Vulnerabilities
Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A denial of service vulnerability exists in...
CVE-2017-15344
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker coul...
CVE-2018-0137
A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...
CVE-2018-0137
A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...
DEBIAN-CVE-2018-6794
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web...
Flexense SyncBreeze Enterprise Buffer Error Vulnerability
Flexense SyncBreeze Enterprise is a set of file synchronization tools from Flexense Canada. The tool has file management and data synchronization features. control protocol is one of the controller protocol. A buffer overflow vulnerability exists in the control protocol in Flexense SyncBreeze...
CVE-2018-6537
A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121...