Lucene search
K

1314 matches found

Tenable Nessus
Tenable Nessus
added 2016/08/24 12:0 a.m.57 views

RHEL 6 : kernel (RHSA-2016:1664)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

5.8CVSS6.7AI score0.15073EPSS
Exploits3References3
RedHat Linux
RedHat Linux
added 2016/08/23 4:11 p.m.6 views

kernel: challenge ACK counter information disclosure.

It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the chang...

5.8CVSS6.6AI score0.15073EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2016/08/16 12:0 a.m.5 views

The vulnerability of the Internet Explorer browser allows a perpetrator to trick users into creating a TCP connection with a limited port.

The vulnerability of Internet Explorer is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to remotely trick users into establishing a TCP connection with a limited port, through a specially crafted web page...

4.3CVSS7AI score0.14572EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/08/06 12:0 a.m.3 views

UBUNTU-CVE-2016-5696

net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack...

4.8CVSS6.9AI score0.15073EPSS
Exploits3References13
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.10 views

The vulnerability of the SAP NetWeaver Application Server allows a perpetrator to compromise the security of information.

The vulnerability of SAP NetWeaver Application Server is related to errors in the processing of XML requests. Exploiting this vulnerability allows a malicious actor to compromise information security by sending specially crafted TCP and XML requests remotely...

7.5CVSS5.4AI score0.02934EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of the automated system for managing technological processes of SIMATIC WinCC OA allows a malicious individual to bypass the file system without going through the authentication procedures as a regular user.

The vulnerability of the SIMATIC WinCC OA software is related to errors that occur when processing specially crafted TCP packets. Exploiting this vulnerability allows a malicious individual to bypass the file system on the server in the context of the current user, without going through the...

5CVSS5.5AI score0.03507EPSS
Exploits0References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

Windows operating system’s vulnerability, which allows a malicious actor to trigger a service failure

The vulnerability of the TCP protocol in the Windows operating system allows a malicious actor to induce a service failure by creating TCP packets that contain incorrect data fields in the “Options” header...

5CVSS5.5AI score0.18221EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the Cisco IOS operating system, which allows a malicious actor to trigger a “disconnection”

Cisco IOS software contains a vulnerability in the NAT service, which allows a remote attacker to trigger a memory leak and a “disruption of service” by sending a sequence of TCP packets...

7.8CVSS7.5AI score0.02237EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2016/06/23 4:14 p.m.4 views

kernel: SCTP denial of service during timeout

A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctpaccept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a deni...

6.2CVSS6.7AI score0.00391EPSS
Exploits0References4
CNVD
CNVD
added 2016/05/21 12:0 a.m.5 views

Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability

Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers is a set of operating systems that run in 9000 Series router devices. A security vulnerability in the Local Packet Transport Services LPTS network stack of the Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers...

7.5CVSS6.8AI score0.01765EPSS
Exploits0References1
OSV
OSV
added 2016/05/02 10:59 a.m.1 views

UBUNTU-CVE-2016-2070

The tcpcwndreduction function in net/ipv4/tcpinput.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service divide-by-zero error and system crash via crafted TCP traffic...

7.5CVSS7.1AI score0.03322EPSS
Exploits0References4
CNVD
CNVD
added 2016/04/27 12:0 a.m.5 views

Wireshark NCP Parser Stack Buffer Overflow Vulnerability

Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A stack buffer overflow vulnerability exists in the epan/dissectors/packet-ncp2222.inc file in the NCP parser in Wireshark versions 1.12.11 prior to 1.12.x. This vulnerability can ...

5.9CVSS7.7AI score0.03034EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/16 12:0 a.m.4 views

Juniper Networks Junos OS TCP Session Denial of Service Vulnerability

Juniper Networks Junos OS is a network operating system dedicated to the company's hardware systems. A security vulnerability in Juniper Networks Junos OS allows remote attackers to conduct denial-of-service attacks by manipulating timestamps in TCP sessions...

7.8CVSS6.9AI score0.01886EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/03/31 12:0 a.m.7 views

The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.

The vulnerability of the NX-OS network operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure TCP stack reboot by sending TCP packets to the device during the TIMEWAIT TCP session...

7.8CVSS7.2AI score0.03944EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/03/14 5:20 p.m.12 views

USN-2932-1 linux-lts-vivid vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.2AI score0.03723EPSS
Exploits22References17
CNVD
CNVD
added 2016/03/04 12:0 a.m.3 views

Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2016-01460)

Cisco NX-OS is a data center-class operating system. A security vulnerability exists in the TCP stack of Cisco NX-OS Software that originates from the incorrect handling of packets within a TCP session when the affected device is in the TIMEWAIT state. Exploitation of this vulnerability by an...

7.8CVSS6.8AI score0.03944EPSS
Exploits0References1
CNVD
CNVD
added 2016/02/15 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Denial of Service Vulnerability (CNVD-2016-00931)

The Siemens SIMATIC S7-1500 is a controller family with a modular structure. A denial of service vulnerability exists in Siemens SIMATIC S7-1500 versions prior to 1.8.3 when processing specially crafted TCP packets. An attacker can exploit the vulnerability to cause the CPU to automatically reboo...

7.8CVSS6.7AI score0.06371EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.6 views

The vulnerability of the microprogrammed software of the LifeCare PCA Infusion System allows a perpetrator to trigger a service failure or exert other effects.

The vulnerability of the microprogrammed medical equipment, the LifeCare PCA Infusion System, arises due to an overflow in the buffer on the glass. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the system, or possibly have other effects through TCP packets...

10CVSS7.6AI score0.01112EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2016/01/13 12:0 a.m.4 views

PT-2016-4999 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.5 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reductio...

10CVSS6.5AI score0.22374EPSS
Exploits17References52
RedHat Linux
RedHat Linux
added 2016/01/07 3:58 p.m.7 views

rpcbind: Use-after-free vulnerability in PMAP_CALLIT

A use-after-free flaw related to the PMAPCALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service denial of service by performing a series of UDP and TCP calls...

7.5CVSS7.4AI score0.06408EPSS
Exploits0References4
Rows per page
Query Builder