kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

The vulnerability of the QoS subsystem of Cisco IOS and Cisco IOS XE operating systems allows a attacker to trigger service failures and execute arbitrary code.

The vulnerability of the Quality of Service QoS subsystem of Cisco IOS and Cisco IOS XE operating systems arises from operations that exceed buffer limits in memory when processing certain values in packets. Exploiting this vulnerability allows a malicious actor to cause service failures and...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

DEBIAN-CVE-2018-1000116

NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution...

USN-3588-1 memcached vulnerabilities

Daniel Shapira discovered an integer overflow issue in Memcached. A remote attacker could use this to cause a denial of service daemon crash. CVE-2017-9951 It was discovered that Memcached listened to UDP by default. A remote attacker could use this as part of a distributed denial of service...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

Unix Command Shell, Reverse UDP (via socat)

Creates an interactive shell via socat This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 87 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...

CVE-2017-12741

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually...

Intel Puma Denial of Service Vulnerability (CNVD-2017-30935)

Intel Puma is a system-on-chip SoC from Intel. Intel Puma suffers from a denial of service vulnerability that allows remote attackers to cause a denial of service performance degradation by sending a moderate amount of small packets to many TCP or UDP ports...

openvswitch: Buffer over-read while parsing malformed TCP, UDP and IPv6 packets

A buffer over-read was found in the Open vSwitch OvS firewall implementation. This flaw can be triggered by parsing a specially crafted TCP, UDP, or IPv6 packet. A remote attack could use this flaw to cause a Denial of Service DoS...

log4j: Socket receiver deserialization vulnerability

It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the...

log4j: Socket receiver deserialization vulnerability

It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the...

log4j: Socket receiver deserialization vulnerability

It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the...

BSA-2017-373

Security Advisory ID : BSA-2017-373 Component : NFSv4 Revision : 2.0: Interim The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is...

UBUNTU-CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

DEBIAN-CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

Cisco Virtualized Packet Core VPC is the StarOS release by product. A security vulnerability in the ingress UDP packet processing function of Cisco Virtualized Packet CoreDistributed Instance VPCDI Software could allow an unauthenticated, remote attacker to cause a denial of service by overloadin...