Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange IKE version 2 v2 fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handling of crafted, fragmented IKEv2 packets. An...

Cisco ASA / IOS IKE Fragmentation Vulnerability

The remote Cisco Adaptive Security Appliance ASA or device running IOS / IOS XE is affected by one of the following vulnerabilities in the Internet Key Exchange IKE implementation : - An overflow condition exists in both the IKE and IKEv2 implementations due to improper validation of user-supplie...

Android WebView remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

In the past period of time, the WebView remote code execution vulnerability can be said to be swept a large number of the Android App query some vulnerabilities of the platform can be substantially the case, given the many loopholes in the App and not disclosed, and therefore WebVeiw remote code...

USN-2777-1 linux-lts-utopic vulnerabilities

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 Benjamin Randazzo...

USN-2776-1 linux vulnerabilities

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...

Oracle: Security Advisory (ELSA-2015-3015)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2015-3014)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2015:1727-1 Security update for kernel-source

The SUSE Linux Enterprise 12 kernel was updated to 3.12.48-52.27 to receive various security and bugfixes. Following security bugs were fixed: CVE-2015-7613: A flaw was found in the Linux kernel IPC code that could lead to arbitrary code execution. The ipcaddid function initialized a shared objec...

F5 BIG-IP FastL4 Virtual Server Message Handling Denial of Service Vulnerability

F5 BIG-IP APM is a globally unified access and security solution for business-critical applications and networks. A security vulnerability exists in F5 BIG-IP that allows a remote attacker to exploit the vulnerability to submit a special fragmentation message that causes the TMM to reboot,...

Amazon Linux: Security Advisory (ALAS-2011-26)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-252)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

DEBIAN-CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

UBUNTU-CVE-2015-4146

The EAP-pwd peer implementation in hostapd and wpasupplicant 1.0 through 2.4 does not clear the L Length and M More flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service crash via a crafted message...

Input validation

The Overlay Transport Virtualization OTV implementation in Cisco IOS XE 3.10S allows remote attackers to cause a denial of service device reload via a series of packets that are considered oversized and trigger improper fragmentation handling, aka Bug IDs CSCup37676 and CSCup30335...

Cisco IOS XE Software OTV Processing Code Denial of Service Vulnerability

A vulnerability in the Overlay Transport Virtualization OTV processing code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. The vulnerability is due to improper processing of oversized OTV frames passing through an affected...

IPv6 toolkit

A security assessment and troubleshooting tool for the IPv6 protocols The SI6 Networks’ IPv6 toolkit is a set of IPv6 security/trouble-shoting tools, that can send arbitrary IPv6-based packets. IPv6 toolkit: List of Tools addr6: An IPv6 address analysis and manipulation tool. flow6: A tool to...

CVE-2015-0640

The high-speed logging HSL feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service device reload via large IP packets that require NAT and H...

CVE-2015-0640

The high-speed logging HSL feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service device reload via large IP packets that require NAT and H...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3014)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3014 advisory. - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 -...