Xen xen-netback xenvif_set_hash_mapping Integer Overflow Exploit

Exploit for multiple platform in category dos / poc Xen: integer overflow in xen-netback xenvifsethashmapping The xen-netback linux kernel module is the default backend for Xen's virtual network devices. Since commit 40d8abdee806d496a60ee607a6d01b1cd7fabaf0 the backend supports an additional...

kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)

A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcpcollapseofoqueue and tcppruneofoqueue functions by sending specially modified packets within ongoing T...

FreeBSD CPU Resource Consumption Vulnerability

FreeBSD is a set of Unix-like free operating systems in the FreeBSD project, headed by the Core Team team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. A security vulnerability exists in FreeBSD versions prior to 11.2-RELEASE-p1,...

CVE-2017-2634

It was found that the Linux kernel's Datagram Congestion Control Protocol DCCP implementation before 2.6.22.17 used the IPv4-only inetskrebuildheader function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the syst...

CVE-2017-2634

It was found that the Linux kernel's Datagram Congestion Control Protocol DCCP implementation before 2.6.22.17 used the IPv4-only inetskrebuildheader function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the syst...

The vulnerability of the TCP/IP component in InduSoft Web Studio and InTouch Machine Edition HMI/SCADA systems allows attackers to execute arbitrary code or cause malfunctions during maintenance operations.

The vulnerability of the TCP/IP component in InduSoft Web Studio and InTouch Machine Edition HMI/SCADA systems arises from buffer overflows due to deficiencies in input data processing tags, events, signaling messages. Exploiting this vulnerability allows a remote attacker to execute arbitrary co...

Cisco FireSIGHT System Remote Security Bypass Vulnerability

The Cisco FireSIGHT System is an integrated suite of network security and traffic management products that can be deployed on a dedicated platform or as a software solution. A URL-based remote security bypass vulnerability exists in the detection engine of the Cisco FireSIGHT System. The...

kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service

An error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS...

DEBIAN-CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP packets length can be exploited to cause a kernel crash...

CVE-2018-3852

An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. A specially crafted TCP packet can cause a process to terminate resulting in denial of service. An attacker can send a crafted TCP packet to trigger this vulnerability...

Wireshark Buffer Overflow Vulnerability (CNVD-2018-12180)

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed network packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. A buffer overflow...

Cisco SocialMiner Denial of Service Vulnerability

Cisco SocialMiner is the United States Cisco Cisco a social media call center solution. The solution supports social media monitoring and analytics. A denial of service vulnerability exists in the TCP stack in Cisco SocialMiner. A remote attacker could exploit this vulnerability to cause a denial...

Moxa EDR-810 Information Disclosure Vulnerability

The EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and two-layer manageable switch functionality. An information disclosure vulnerability exists in the server proxy feature of the Moxa EDR-810 V4.1 build 17030317. An attacker can exploit this...

CVE-2017-12128

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...

PT-2018-5369 · Moxa · Moxa Edr-810

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: An information disclosure issue exists in the Server Agent functionality. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigg...

DEBIAN-CVE-2018-1130

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls...

CVE-2018-5517

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs...

DEBIAN-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

Wireshark Denial of Service Vulnerability (CNVD-2018-07438)

Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.TCP dissector is one of the transmission control protocol parsers. A security vulnerabili...

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems allows attackers to bypass network attack detection functions.

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems is related to the implementation of an internal mechanism for handling TCP connections. Exploiting this vulnerability allows a malicious actor to bypass the network attack detection functions, which are...