Lucene search
K

388 matches found

Mageia
Mageia
added 2016/01/29 11:2 a.m.36 views

Updated srtp packages fix security vulnerability

Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length CVE-2015-6360...

7.8CVSS7.4AI score0.08277EPSS
Exploits0References2
CNVD
CNVD
added 2015/08/22 12:0 a.m.3 views

Cisco Aggregation Services Router 5000 and ASR 5500 System Software Denial of Service Vulnerability

The Cisco Aggregation Services Router 5000 and ASR 5500 System Software are Cisco's 5000 series wireless controller products. A security vulnerability in the Cisco ASR 5000 and ASR 5500 System Software fails to properly validate the length field in the packet header, allowing remote attackers to...

5CVSS6.9AI score0.01456EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/25 12:0 a.m.2 views

tcpdump denial of service vulnerability (CNVD-2015-01978)

tcpdump is a network protocol analysis tool. The rpki-rtrpduprint function in tcpdump print-rpki-rtr.c fails to properly check header field lengths in RPKI-RTR Protocol Data Units PDUs, allowing attackers to conduct denial of service or arbitrary code execution attacks...

5CVSS8AI score0.19028EPSS
Exploits5References1
Cvelist
Cvelist
added 2015/03/24 5:0 p.m.27 views

CVE-2015-2153

The rpkirtrpduprint function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via a crafted header length in an RPKI-RTR Protocol Data Unit PDU...

8.9AI score0.19028EPSS
Exploits5References17
OSV
OSV
added 2015/03/24 12:0 a.m.3 views

UBUNTU-CVE-2015-2153

The rpkirtrpduprint function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via a crafted header length in an RPKI-RTR Protocol Data Unit PDU...

5CVSS7AI score0.19028EPSS
Exploits5References4
OSV
OSV
added 2014/12/26 8:59 p.m.2 views

DEBIAN-CVE-2010-2062

Integer underflow in the realgetrdtchunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header...

7.5CVSS7.6AI score0.04397EPSS
Exploits1References1
Cisco
Cisco
added 2014/12/23 9:4 p.m.35 views

Cisco IronPort ESA Subject Header Length Denial of Service Vulnerability

A vulnerability in Subject header length processing on Cisco IronPort Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a limited denial of service DoS condition on an affected platform. The vulnerability occurs because the appliance does not limit the length o...

5CVSS6.3AI score0.01232EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Be BeOS 4.0/4.5/5.0 IP Packet Length Field Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1100/info The networking process in BeOS can crash if certain malformed packets are transmitted to it. If the length field is set to a number less than the total length of the IP and protocol TCP or UDP headers alone, the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

tcpdump 3.4 Protocol Four and Zero Header Length Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/313/info A vulnerability in tcpdump causes it to enter an infinite loop within the procedure ipprint from the file printip.c when it receives a packet with IP protocol number four and a zero header length and it tries to...

7.1AI score
Exploits0
OSV
OSV
added 2013/11/04 3:55 p.m.2 views

DEBIAN-CVE-2013-4348

The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service infinite loop via a small value in the IHL field of a packet with IPIP encapsulation...

7.1CVSS7.6AI score0.09408EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2013/11/04 12:0 a.m.3 views

PT-2013-4965 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.13 Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop. This can be achieved by sending a packet with IPIP encapsulation that contains a small value in th...

10CVSS7.2AI score0.34649EPSS
Exploits44References378
Check Point Advisories
Check Point Advisories
added 2012/11/04 12:0 a.m.2 views

Rockwell RNA Message Negative Header Length

...

7AI score
Exploits0
OSV
OSV
added 2012/09/15 6:55 p.m.2 views

DEBIAN-CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

2.6CVSS8.6AI score0.04266EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2011/12/31 1:55 a.m.1 views

CVE-2011-1710

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service service crash or possibly execute arbitrary code via crafted header length variables...

7.5CVSS6.2AI score0.03589EPSS
Exploits0References6
NVD
NVD
added 2011/12/31 1:55 a.m.10 views

CVE-2011-1710

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service service crash or possibly execute arbitrary code via crafted header length variables...

7.5CVSS8AI score0.03589EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.2 views

LHa Vuffer Overflow Vulnerability in Testing and Extracting Process

Overview LHa for UNIX does not handle the header length information properly when testing or extracting an archive, which could lead to buffer overflow. Impact An attacker could execute arbitrary code with the privilege of the user running LHa. Solution Please refer to the 'Vendor Information'...

10CVSS7.5AI score0.10262EPSS
Exploits3References14
Prion
Prion
added 2007/04/16 9:19 p.m.21 views

Code injection

The Network Processing Unit NPU in the Cisco Wireless LAN Controller WLC before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service loss of packet forwarding via 1 crafted SNAP packets, 2 malformed 802.11 traffic, or 3...

6.1CVSS7.1AI score0.00982EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2007/04/16 9:19 p.m.2 views

CVE-2007-2039

The Network Processing Unit NPU in the Cisco Wireless LAN Controller WLC before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service loss of packet forwarding via 1 crafted SNAP packets, 2 malformed 802.11 traffic, or 3...

6.1CVSS5.7AI score0.0121EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2007/04/16 9:19 p.m.4 views

CVE-2007-2038

The Network Processing Unit NPU in the Cisco Wireless LAN Controller WLC before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service loss of packet forwarding via 1 crafted SNAP packets, 2 malformed 802.11 traffic, or 3...

6.1CVSS5.7AI score0.00982EPSS
Exploits0References7
OSV
OSV
added 2007/02/16 7:28 p.m.2 views

DEBIAN-CVE-2007-0897

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service file descriptor consumption and failed scans via CAB archives with a cabinet header record length of zero, which causes a function to return...

7.5CVSS8.8AI score0.03387EPSS
Exploits0References1
Rows per page
Query Builder