Lucene search
K

398 matches found

Prion
Prion
added 2023/03/23 5:15 p.m.24 views

Design/Logic Flaw

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

5CVSS8.3AI score0.0098EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/23 12:0 a.m.39 views

CVE-2023-20027 Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly VFR feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper reassembly of large packe...

8.6CVSS8.5AI score0.0098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.4 views

PT-2023-2218 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly VFR feature could allow an unauthenticated, remote attacker to cause a denial of service DoS...

8.6CVSS8.3AI score0.0098EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.5 views

PT-2023-1888 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the fragmentation handling code of tunnel protocol packets could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting ...

8.6CVSS8.3AI score0.0098EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.2 views

PT-2023-1665 · Microsoft · Windows 11 +7

Name of the Vulnerable Software and Affected Versions: Windows Server 2008 versions prior to Mar 14, 2023 Windows Server 2012 versions prior to Mar 14, 2023 Windows Server 2016 versions prior to Mar 14, 2023 Windows 10 versions prior to Mar 14, 2023 Windows 11 versions prior to Mar 14, 2023 Windo...

10CVSS9.7AI score0.03479EPSS
Exploits0References20
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.32 views

K65615624: BIG-IP FastL4 TMM vulnerability CVE-2017-6166

Security Advisory Description In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel TMM may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server...

5.9CVSS6.1AI score0.01928EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.15 views

K36300805: BIG-IP FastL4 profile vulnerability

Security Advisory Description Under certain conditions for BIG-IP systems using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, a specific sequence of fragmented packets may restart the Traffic Management Microkernel TMM. Impact An attacker may be able to disrupt...

6.9AI score
Exploits0Affected Software13
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2002-0510

The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux...

5CVSS9.2AI score0.02483EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.3 views

SUSE CVE-2004-0949

The smbrecvtrans2 function call in the samba filesystem smbfs in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to 1 read arbitrary kernel information or 2 raise a counter value to an arbitrary number by...

6.4CVSS6.8AI score0.02626EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.6 views

SUSE CVE-2005-0209

Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service kernel crash via crafted IP packet fragments...

7.8CVSS6.7AI score0.03274EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1365

Buffer overflow in kern/uipcmbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service...

10CVSS8.2AI score0.1779EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.3 views

SUSE CVE-2008-3145

The fragmentaddwork function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service crash via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read...

5CVSS7AI score0.02003EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-1574

racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer dereference...

5CVSS6.8AI score0.11631EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1927

The ipexpire function in net/ipv4/ipfragment.c in the Linux kernel before 2.6.39 does not properly construct ICMPTIMEEXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service invalid pointer dereference via crafted fragmented packets...

5CVSS6.5AI score0.02591EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.2 views

SUSE CVE-2012-0043

Buffer overflow in the reassemblemessage function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a series of fragmented RLC...

5.8CVSS8.2AI score0.03155EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.1 views

SUSE CVE-2012-2744

net/ipv6/netfilter/nfconntrackreasm.c in the Linux kernel before 2.6.34, when the nfconntrackipv6 module is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via certain types of fragmented IPv6 packets...

7.8CVSS6.5AI score0.04433EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.2 views

SUSE CVE-2015-5156

The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service buffer overflow and memory corruption via a crafted sequence of fragmented packets...

6.1CVSS6.6AI score0.01164EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2022/06/08 12:0 a.m.7 views

The vulnerability of the CONFIG_IP_DEFRAG function in the implementation of the IP packet defragmentation algorithm for U-Boot bootloaders of embedded Linux-based operating systems allows a hacker to cause a service failure.

The vulnerability of the CONFIGIPDEFRAG function in the implementation of the IP packet defragmentation algorithm for U-Boot bootloaders of embedded Linux operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious...

7.1CVSS7.5AI score0.00439EPSS
Exploits0References3Affected Software3
ATTACKERKB
ATTACKERKB
added 2022/04/13 4:0 p.m.6 views

CVE-2022-22185

A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service DoS by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and...

7.5CVSS7.1AI score0.00934EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2022/01/20 12:31 p.m.99 views

USN-5242-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled certain fragmented packets. A remote attacker could possibly use this issue to cause Open vSwitch to consume resources, leading to a denial of service...

7.5CVSS7.5AI score0.01576EPSS
Exploits1
Rows per page
Query Builder