The vulnerability of the UDP service in the Microsoft Windows operating system allows a perpetrator to cause a service failure and a device restart.

The vulnerability of the UDP service in the Microsoft Windows operating system is related to insufficient data processing speed. Exploiting this vulnerability can allow a malicious actor to cause service failure and forced restarts of devices through specially crafted SIP messages...

rpcbind, LIBTIRPC and NTIRPC Denial of Service Vulnerabilities

rpcbind, LIBTIRPC, and NTIRPC are all applications used in Linux. rpcbind is a server that translates RPC program numbers into generic addresses; LIBTIRPC is a package that contains libraries to support programs that use the Remote Procedure Call RPC API; and NTIRPC is a stand-alone RPC library f...

DEBIAN-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory consumption with no subsequent free via a...

UBUNTU-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory consumption with no subsequent free via a...

Cisco Unified Communications Manager UDP Handling Denial of Service Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. Cisco Unified Communications Manager has a security vulnerability in the Session Initiation Protocol SIP UDP throttling process, which could be exploited by a remote attacker to submit a special reque...

CVE-2017-3867

A vulnerability in the Border Gateway Protocol BGP Bidirectional Forwarding Detection BFD implementation of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to bypass the access control list ACL for specific TCP and UDP traffic. More Information:...

PT-2017-4330 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.3 Description: The issue is related to the NFSv4 server in the Linux kernel, which does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packe...

Qemu: net: out of bounds read in net_checksum_calculate()

An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could...

Qemu: net: out of bounds read in net_checksum_calculate()

An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could...

Qemu: net: out of bounds read in net_checksum_calculate()

An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could...

CVE-2016-10178

An issue was discovered on the D-Link DWR-932B router. HELODBG on port 39889 UDP launches the "/sbin/telnetd -l /bin/sh" command...

ALPINE-CVE-2016-7936

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udpprint...

UBUNTU-CVE-2016-7936

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udpprint...

Qemu: net: out of bounds read in net_checksum_calculate()

An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could...

IKEv1 protocol is vulnerable to DoS amplification attack

A traffic amplification flaw was found in the Internet Key Exchange version 1 IKEv1 protocol. A remote attacker could use a libreswan server with IKEv1 enabled in a network traffic amplification denial of service attack against other hosts on the network by sending UDP packets with a spoofed sour...

Cisco NX-OS Software Information Disclosure Vulnerability (CNVD-2016-09464)

Cisco NX-OS is a data center-class operating system from Cisco that embodies modular design, perpetuity, and maintainability. An information disclosure vulnerability exists in versions prior to Cisco NX-OS 7.07.0has allowed remote attackers to obtain sensitive information via TCP or UDP...

CVE-2016-1263

Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9-S1, 14.1 before 14.1R7, 14.2 before 14.2R6, 15.1 before 15.1F2-S5, 15.1F4 before 15.1F4-S2, 15.1R before 15.1R2-S3, 15.1 before 15.1R3, and 15.1X49 before 15.1X49-D40 allow...

Stack Buffer Overflow Vulnerability in Legba Incorporated YateBTS

Legba Incorporated YateBTS is software for analog protocol stacks for GSM networks. A stack buffer overflow vulnerability exists in Legba Incorporated YateBTS. An attacker could exploit the vulnerability by sending an oversized UDP packet resulting in a memory buffer overflow, which in turn could...

Stack Buffer Overflow Vulnerability in OsmoCOM Osmo-TRX/Osmo-BTS

Osmocom is a series of projects on open source mobile communications, including software tools for GSM, DECT, TETRA and other mobile communication standards. A stack buffer overflow vulnerability exists in OsmoCOM Osmo-TRX/Osmo-BTS. An attacker could exploit the vulnerability by sending an...

Microprogramming software for Siemens SIPROTEC 4 relay protection microprocessors

The vulnerability of the software of the Siemens SIPROTEC 4 relay protection micro-processor terminal allows a remote attacker to cause a malfunction of the micro-processor terminal by sending a specially crafted UDP packet to port 50000. This causes the micro-processor terminal to cease...