TLS handshake fails with any TLS LB VIP FIPS 9700 - Reset code 9811 from ADC

Cannot reach Netscaler Gateway Page FIPS Not able to form any TLS handshake with any LB VIP on ADC ADC sends REST with code :: 9811 Transmission Control Protocol, Src Port: 443, Dst Port: 62706, Seq: 4271, Ack: 860, Len: 0 Source Port: 443 Destination Port: 62706 Stream index: 0 TCP Segment Len: ...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4285-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...

USN-4286-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

The vulnerability of the SCTP control protocol implementation in the StarOS operating system allows a attacker to induce a service failure.

The vulnerability of the SCTP control protocol implementation in the StarOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2019-15989

A vulnerability in the implementation of the Border Gateway Protocol BGP functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to incorrect processing of a BGP update message that contains a...

CVE-2019-20096

A flaw was found in the Linux kernel’s implementation of the Datagram Congestion Control Protocol DCCP. A local attacker with access to the system can create DCCP sockets to cause a memory leak and repeat this operation to exhaust all memory and panic the system. Mitigation As the DCCP module wil...

DEBIAN-CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

DEBIAN-CVE-2019-18792

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...

PT-2020-6917 · Suricata · Suricata

Name of the Vulnerable Software and Affected Versions: Suricata version 5.0.0 Description: An issue was discovered in Suricata that allows an attacker to bypass or evade any TCP-based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PU...

CVE-2019-14899

creationtimestamp| type| source ---|---|--- 2019-12-05 21:38:24+00:00| seen| https://t.me/ctinow/18348 2019-12-06 12:07:14+00:00| seen| https://t.me/ctinow/18363 2019-12-09 08:19:50+00:00| seen| https://t.me/thehackernews/553 2019-12-16 13:54:00+00:00| seen|...

Denial of Service Vulnerability in DIGI PortServer TS 1 TCP Protocol

The PortServer TS series of terminal servers provide simple, reliable and cost-effective serial connections to the network. A denial of service vulnerability exists in the DIGI PortServer TS 1 TCP protocol. An attacker could exploit the vulnerability to launch a denial of service attack...

kernel: SCTP socket buffer memory leak leading to denial of service

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack...

Tcpdump HNCP parser buffer overflow vulnerability

tcpdump is a message analysis tool. Tcpdump HNCP parser print-hncp.c:printprefix contains a security vulnerability that can be exploited by remote attackers to submit a special request that can crash an application...

The vulnerability of the Cisco Fabric Services component of the Cisco NX-OS operating system, which allows a intruder to trigger a service failure.

The vulnerability of the Cisco Fabric Services component of the Cisco NX-OS operating system is related to errors in processing TCP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2019-12664 Cisco IOS XE Software ISDN Data Leak Vulnerability

A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers ISRs could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The...

Cisco IOS XE Software ISDN Data Leak Vulnerability

A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers ISRs could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. The...

CVE-2019-15702

In the TCP implementation gnrctcp in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transportlayer/tcp/gnrctcpoption.c has an infinite loop for an unknown zero-length option...

CVE-2019-12261

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component issue 3 of 4. This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect to a remote host...

PT-2019-4731 · Wind River · Vxworks

Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through vx7 Description: The issue is related to a Buffer Overflow in the TCP component, specifically a TCP Urgent Pointer state confusion caused by a malformed TCP AO option. This can be exploited by sending...

Cisco SD-WAN Solution Packet Filter Bypass Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. A packet filter bypass vulnerability exists in Cisco SD-WAN Solution version 19.1.0 and earlier. The vulnerability stems from improper traffic filtering conditions on the affected device. An attacker can exploit this...