18 matches found
Man-In-The-Middle (MITM)
org.postgresql:postgresql is vulnerable to Man-In-The-Middle MITM. The vulnerability is due to improper enforcement of channel-binding requirements in the driver allowing authentication methods that do not support channel binding e.g., password, MD5, GSS, SSPI even when channel binding is set to...
SUSE CVE-2012-1675
The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by...
CVE-2022-43501
KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...
Secomea GateManager Information Disclosure Vulnerability
Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in all versions of Secomea GateManager prior to 9.7. The vulnerability stems from the exposure of query string information in GET requests of the LMM API, which could be exploited ...
Secomea GateManager 信息泄露漏洞
Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in all versions of Secomea GateManager prior to 9.7. The vulnerability stems from the exposure of query string information in GET requests of the LMM API, which could be exploited ...
CVE-2021-28372
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...
SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)
SUMMARY Blue Coat products that include affected versions of Microsoft Windows and Samba are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to hijack connections to view and modify traffic, obtain unauthorized access to user passwords and other...
samba: Missing downgrade detection
It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections...
CVE-2013-6949
The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device...
CVE-2013-6949
The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact by leveraging access to a single WeMo device...
CVE-2013-6949
CVE-2013-6949 concerns Belkin Wemo Home Automation devices: the firmware before 3949 does not properly use STUN/TURN, enabling a remote attacker who controls one device to relay connections to other Wemo devices. The impact is described as hijacking connections with potential further impact; expl...
CVE-2011-4093
Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...
CVE-2011-4093
Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...
Integer overflow
Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...
CVE-2011-4093
Integer overflow in inc/server.hpp in libnet6 aka net6 before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided...
CVE-2011-4093
CVE-2011-4093 concerns libnet6 (net6) before version 1.3.14, where an integer overflow in inc/server.hpp could allow remote attackers to hijack connections and escalate privileges by exhausting descriptors and supplying the ID of another user. Public documents confirm the affected component (inc/...
Ubuntu Update for openssh vulnerability USN-597-1
Ubuntu Update for Linux kernel vulnerabilities USN-597-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5971.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for openssh vulnerability USN-597-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
USN-597-1: OpenSSH vulnerability
Timo Juhani Lindfors discovered that the OpenSSH client, when port forwarding was requested, would listen on any available address family. A local attacker could exploit this flaw on systems with IPv6 enabled to hijack connections, including X11 forwards...