Information disclosure

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length...

RHEL 8 : openvswitch3.1 (RHSA-2023:1766)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1766 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0 OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow but with an incorrect action possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

...

CVE-2023-1668

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

CVE-2022-33291 Buffer over-read in Modem

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length...

SUSE CVE-2006-3758

inc/init.php in Archive Mode Light in MyBB aka MyBulletinBoard 1.1.4 calls the extract function with EXTROVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the SERVERHTTPCLIENTIP parameter in...

SUSE CVE-2011-3187

The tos method in actionpack/lib/actiondispatch/middleware/remoteip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address...

SUSE CVE-2016-6835

The vmxnettxpktparseheaders function in hw/net/vmxnettxpkt.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service buffer over-read by leveraging failure to check IP header length...

PT-2022-35957 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue concerns the use of struct group to copy ip/ipv6 header addresses in the Linux Kernel. It was introduced in version v4.2 and fixed in version v6.0.10. The actual impact and attack...

kernel: gso: do not skip outer ip header in case of ipip and net_failover

In the Linux kernel, the following vulnerability has been resolved: gso: do not skip outer ip header in case of ipip and netfailover We encounter a tcp drop issue in our cloud environment. Packet GROed in host forwards to a VM virtionet nic with netfailover enabled. VM acts as a IPVS LB with ipip...

PT-2024-5864 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's gso component, which fails to skip the outer IP header in certain cases, such as when using ipip and net failover. This can cause a TCP drop...

Design/Logic Flaw

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service DoS. A PFE crash will happen when a GPRS Tunnel Protocol GTP packet is...

CVE-2022-22235

CVE-2022-22235 affects Juniper Networks Junos OS on SRX Series. The issue is an improper check in the Packet Forwarding Engine (PFE) that can cause a Denial of Service (PFE crash) when a GTP-encapsulated GPRS traffic packet with a malformed IP header field is processed. The crash occurs only if e...

CVE-2022-1613

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations in certain situations...

FreeBSD : zeek -- potential DoS vulnerabilities (656b0152-faa9-4755-b08d-aee4a774bd04)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 656b0152-faa9-4755-b08d-aee4a774bd04 advisory. - Tim Wojtulewicz of Corelight reports: Fix a possible overflow and crash in the ICMP analyzer when...

[SECURITY] [DLA 3111-1] mod-wsgi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3111-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 15, 2022 https://wiki.debian.org/LTS -...

CVE-2022-2255

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...

AZL-10734 CVE-2022-2255 affecting package mod_wsgi for versions less than 4.9.3-2

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...

PYSEC-2022-254

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...

PYSEC-2022-254

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...