1318 matches found
Siemens SIMATIC S7-1500 Denial of Service Vulnerability (CNVD-2016-00931)
The Siemens SIMATIC S7-1500 is a controller family with a modular structure. A denial of service vulnerability exists in Siemens SIMATIC S7-1500 versions prior to 1.8.3 when processing specially crafted TCP packets. An attacker can exploit the vulnerability to cause the CPU to automatically reboo...
The vulnerability of the microprogrammed software of the LifeCare PCA Infusion System allows a perpetrator to trigger a service failure or exert other effects.
The vulnerability of the microprogrammed medical equipment, the LifeCare PCA Infusion System, arises due to an overflow in the buffer on the glass. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the system, or possibly have other effects through TCP packets...
PT-2016-4999 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.5 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reductio...
rpcbind: Use-after-free vulnerability in PMAP_CALLIT
A use-after-free flaw related to the PMAPCALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service denial of service by performing a series of UDP and TCP calls...
Wireshark SCTP Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9, epan/dissectors/packet-sctp.c in the SCTP parser does not validate the frame pointer, which can be exploited by remote attackers to cause a denial of service null...
UBUNTU-CVE-2015-8722
epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...
Cisco Unified Computing System (UCS) Denial of Service Vulnerability
Cisco Unified Computing System Manager provides unified, embedded management of all hardware and software components within a unified computing system. A security vulnerability exists in the SSH management interface of the Fabric Interconnect 6200 appliance. A remote attacker could cause a denial...
kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic
A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded...
wireshark: NCP dissector crashes (wnpa-sec-2014-22)
The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07404)
The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. There is a security vulnerability in the Cisco AsyncOS f network stack. a remote attacker sends a large number of TCP packets that consume system memory and perform a...
USN-2797-1 linux-lts-utopic vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
Cisco TelePresence Server DoS
Conference Control Protocol API buffer overflow...
CVE-2015-6284
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.12.33 on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service device crash via a crafted URL, aka Bug ID...
Apple iOS xnu TCP Message Header Checksum Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in the Apple iOS XNU TCP message header checksum allows an attacker to conduct a denial-of-service attack on a targeted TCP link without knowing the correct sequence number...
Cisco TelePresence Server Software API Buffer Overflow Vulnerability
Cisco TelePresence Server Software is a videoconferencing solution known as a "telepresence" system. The program provides audio, video space and other components to provide remote participants with a "face-to-face" virtual meeting room effect. A buffer overflow vulnerability exists in the...
Cisco TelePresence Server Denial of Service Vulnerability
Cisco TelePresence Server contains a buffer overflow vulnerability in the Conference Control Protocol API that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. Cisco has released software updates that address this vulnerability. No workarounds that...
kernel: SCTP race condition allows list corruption and panic from userlevel
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled Address Configuration lists when performing Address Configuration Change ASCONF. A local attacker could use this flaw to crash the system via a race condition triggered by setting certain ASCONF options on a...
USN-2717-1 linux-lts-utopic vulnerability
Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change ASCONF options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service system crash...
The vulnerability of the Business Process Manager operating system, which allows a perpetrator to trigger a service failure
The vulnerability of the LPTS operating system’s Business Process Manager implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by continuously sending specially crafted packets to TCP and UDP ports...
Juniper Pulse Secure TCP Hardware Acceleration User Data Access Vulnerability
Juniper Networks' Secure Access is an enterprise-grade SSL VPN access device, and the operating system running on the device is Juniper IVE OS. A security vulnerability in Juniper Pulse Secure TCP Hardware Acceleration allows remote users to exploit a TCP handshake checksum vulnerability which, i...