136 matches found
CVE-2017-12244
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...
Cisco IOS XR Software Crafted IPv6 Packet DoS (cisco-sa-20150611-iosxr)
The remote Cisco IOS XR device is affected by a denial of service vulnerability due to improper processing of IPv6 packets carrying extension headers that are otherwise valid but are unlikely to occur during normal operation. A remote attacker, using a specially crafted packet, can cause a reload...
CVE-2015-0769
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...
Code injection
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...
Cisco Patches IPv6 Vulnerability in Carrier Routers
Cisco said on Thursday it has patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers. The vulnerability, Cisco said, rests in the IPv6 processing code used by IOS XR in the Cisco CRS-3 Carrier Routing System. The bug is remotely exploitable and is due to...
Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability
A vulnerability in the IP version 6 IPv6 processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit NPU and a reload of the line card processing an IPv6 packet. The...
Cisco IOS XR Denial-of-Service Vulnerability
Cisco has identified a vulnerability that could allow an unauthenticated remote attacker to cause a denial-of-service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. A Cisco Carrier Routing System 3 CRS-3 running a version of Cisco...
Cisco IPv6 Denial of Service Vulnerability
Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 NCS 6000 and Cisco Carrier...
Code injection
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System NCS 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X CRS-X devices allows remote attackers to cause a denial of service line-card reload via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241...
CVE-2015-0618
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System NCS 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X CRS-X devices allows remote attackers to cause a denial of service line-card reload via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241...
Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability
A vulnerability in the parsing of malformed IP version 6 IPv6 packets in Cisco IOS XR Software for Cisco Network Convergence System 6000 NCS 6000 and Cisco Carrier Routing System CRS-X could allow an unauthenticated, remote attacker to cause a reload of a line card that is processing traffic. The...
wireshark: Heap-based buffer overflow when reading ERF packets from pcap/pcap-ng trace files
The pcapprocesspseudoheader function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service application crash via a WTAPENCAPERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size,...
Ajax Upload Shell Upload
Exploit Title: Ajax Upload Arbitrary File Upload Date: 30/01/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Ajax Upload http://valums.com/ajax-upload/ Tested on: Linux Comment Agradezco a mis amigos: Hernan Jais, Alfon...
Ajax Upload - Arbitrary File Upload
Exploit Title: Ajax Upload Arbitrary File Upload Date: 30/01/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Ajax Upload http://valums.com/ajax-upload/ Tested on: Linux Comment Agradezco a mis amigos: Hernan Jais, Alfon...
JVN#86832361 Microsoft Windows denial of service (DoS) vulnerability
Microsoft Windows contains a denial of service DoS vulnerability caused by IPv6 packets with malformed extension headers. Impact A remote attacker could possibly cause a denial of service DoS by sending specially crafted IPv6 packets. Solution Update the software Update to the latest version...
GLSA-200708-03 : libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200708-03 libarchive formerly named as bsdtar: Multiple PaX Extension Header Vulnerabilities CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow CVE-2007-3641, an infinite loop CVE-2007-3644, and a NULL...