DEBIAN-CVE-2013-4470

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

DEBIAN-CVE-2013-4387

net/ipv6/ip6output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload UFO processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service memory corruption and system crash or...

DEBIAN-CVE-2013-4162

The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds. Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices 1.3.1 allows remote attackers...

PT-2012-2514 · Cisco · Cisco Asa +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices versions 8.0 through 8.05.24 Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA Services...

OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...

UBUNTU-CVE-2011-4326

The udp6ufofragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload UFO configuration is enabled, allows remote attackers to cause a denial of service system crash by sending fragmented IPv6 UDP packets to a bridge device...

kernel: rhel5 commit 6865201191 caused deadlock

The udpqueuercvskb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows attackers to cause a denial of service deadlock and system hang by sending UDP traffic to a socket that has a crafted socket filter, a related issue to...

PT-2010-2040 · Microsoft · Windows Vista +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2 Description: A remote code execution issue exists due to improper handling of local fragmentation of Encapsulating Security Payload ESP ov...

kernel: udp socket NULL ptr dereference

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

DEBIAN-CVE-2008-2957

The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory or disk consumption via a UDP packet that specifies an arbitrary URL...

DEBIAN-CVE-2008-0882

Double free vulnerability in the processbrowsedata function in CUPS 1.3.5 allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port 631/udp, related to an unspecified manipulation of a remote printer. NOT...

DEBIAN-CVE-2007-2297

The SIP channel driver chansip in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service crash...

CVE-2007-1170

SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends 1.1.0.0 and earlier, GTR 2 1.1 and earlier, and RACE - The WTCC Game 1.0 and earlier allow remote attackers to cause a denial of service client disconnection via an empty UDP packet to the server port...

DEBIAN-CVE-2006-6858

Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client...

DEBIAN-CVE-2002-1215

Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier claimed as buffer overflows in some sources allow remote attackers to execute arbitrary code via certain packets to UDP port 694 incorrectly claimed as TCP in some sources...

PT-1998-1096 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows UDP messages to broadcast addresses, enabling a Fraggle attack. This can cause a denial of service by flooding the target. Recommendations: At the moment, there is ...

PT-1997-1098 · Sun · Sunos

Name of the Vulnerable Software and Affected Versions: SunOS version 4.1.3 Description: The issue involves malicious option settings in UDP packets that could force a reboot. Recommendations: For SunOS version 4.1.3, at the moment, there is no information about a newer version that contains a fix...

Update to Mitigate MS08-037 UDP Behavior across NAT for Forefront TMG MBE

Update to Mitigate MS08-037 UDP Behavior across NAT for Forefront TMG MBE...

Update to Mitigate MS08-037 UDP Behavior Across NAT for Microsoft ISA Server 2004 Standard Edition

Update to Mitigate MS08-037 UDP Behavior Across NAT for Microsoft ISA Server 2004 Standard Edition...