PT-2023-1261 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.2R3-S7; Junos OS versions 20.4 prior to 20.4R3-S4; Junos OS versions 21.1 prior to 21.1R3-S3; Junos OS versions 21.2 prior to 21.2R3-S1; Junos OS versions 21.3 prior to 21.3R3; Junos OS versions 21.4 prior to 21.4R3...
kernel: nfsd buffer overflow by RPC message over TCP with garbage data
A buffer overflow flaw was found in the Linux kernel nfsd network file system subsystem. The way a user sends RPC over TCP with excess data added at the end of the message could allow a remote user to starve the resources, causing a denial of service...
Micro-Star International MSI Center Data Forgery Vulnerability
Micro-Star International MSI Center is a monitoring and management platform from Micro-Star International China. All your favorite features can be found on the Feature Set page, such as Gaming Mode or Smart Priority. A security vulnerability exists in Micro-Star International MSI Center version...
kernel: off-path attacker may inject data or terminate victim's TCP session
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...
kernel: tcp: add accessors to read/set tp->snd_cwnd
In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd. We had various bugs over the years with code breaking the assumption that tp->snd_cwnd is greater than zero. Lately, syzbot reported the WARN_ON_ONCE(!tp->prior_cwnd) added in commit 8b8a321ff72c...
PT-2022-35292 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75. Description: The issue is related to a potential data-race around tcp_md5sig_pool_populated in the TCP protocol. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
...
DEBIAN-CVE-2022-43945
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send...
Vulnerability in the Tunnel Mode of the SSL VPN implementation for FortiOS operating systems that allows an attacker to cause a service failure
The vulnerability in the Tunnel Mode of the SSL VPN implementation in the FortiOS operating system stems from operations on data going beyond the bounds of a memory buffer when processing LCP packets. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
CVE-2020-5355
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. This provides the remotesupport user and users with restricted shells more access than is intended...
Dell EMC Isilon OneFS Security Vulnerability
Dell EMC Isilon OneFS is a horizontally scalable storage system for unstructured data from Dell USA. A security vulnerability exists in Dell EMC Isilon OneFS 8.2.2 and prior versions that stems from the SSHD process improperly allowing Transmission Control Protocol (TCP) and streaming. This provide...
CVE-2022-36795
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...
Siemens LOGO! 8 BM Input Validation Error Vulnerability
A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for the Windows platform used in industrial environments from Siemens, Germany. The vulnerability stems from the inability to properly validate offset values defined in TCP packets when calling methods. An attacker coul...
PT-2022-7652 · Siemens · Logo! 230Rce +6
Name of the Vulnerable Software and Affected Versions: LOGO! 12/24RCE versions 6ED1052-1MD08-0BA1; LOGO! 12/24RCEo versions 6ED1052-2MD08-0BA1; LOGO! 230RCE versions 6ED1052-1FB08-0BA1; LOGO! 230RCEo versions 6ED1052-2FB08-0BA1; LOGO! 24CE versions 6ED1052-1CC08-0BA1; LOGO! 24CEo versions...
Vulnerability in the Junos operating system that allows an attacker to trigger a service failure
The vulnerability of the Junos operating system is related to a memory leak in the control protocol daemon l2cpd. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially crafted LLDP packet...
OESA-2022-1941 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated...
Unified Remote Auth Bypass to RCE
This module utilizes the Unified Remote remote control protocol to type out and deploy a payload. The remote control protocol can be configured to have no passwords, a group password, or individual user accounts. If the web page is accessible, the access control is set to no password for...
Microsoft Windows TCP/IP component Security Vulnerability
The Microsoft Windows TCP/IP component is a Microsoft component that provides TCP/IP configuration capabilities for Windows. A security vulnerability exists in Microsoft Windows TCP/IP. No detailed vulnerability details are provided at this time...