NTP MON_GETLIST Query Amplification DDoS

!/usr/bin/perl ntp MONGETLIST query amplification ddos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg A Network Time Protocol NTP Amplification attack is an emerging form of Distributed Denial of Service DDoS that relies...

Code injection

The Gateway General Packet Radio Service Support Node GGSN component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service Session Manager restart via an invalid TCP/IP header, aka Bug ID CSCut68058...

Cisco IOS IP Header Sanity Check DoS (CSCuj23992)

According to its self-reported version, the remote IOS device is affected by a denial of service vulnerability in the Cisco Express Forwarding processing module. The issue is due to improper processing of MPLS packets. When certain additional features are configured, an attacker can exploit this...

3Com SuperStack II RAS 1500 - IP Header Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7175/info vulnerability has been reported in the 3Com SuperStack II RAS 1500 router. The problem occurs when processing network packets containing malicious IP headers. When received, the packet may cause the router to...

CVE-2013-6706

The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service device reload via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992...

Design/Logic Flaw

The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service device reload via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992...

CVE-2013-6706

The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service device reload via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992...

DEBIAN-CVE-2013-4348

The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service infinite loop via a small value in the IHL field of a packet with IPIP encapsulation...

Memory corruption

Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X series routers with firmware 6.x through 10.x, do not properly handle IP header options, which allows remote attackers to cause a denial of service device reboot via a crafted option that triggers...

CVE-2011-1323

The CVE affects Yamaha RTX/RT/SRT/RTV/RTW/RTA series (firmware 6.x–10.x) and NEC IP38X series (6.x–10.x), where improper handling of IP header options can be triggered by a crafted option, causing a remote reboot (DoS) via access to an invalid memory location. Root cause: faulty processing of IP ...

Crafted IP Option Vulnerability

Cisco routers and switches running Cisco IOS or Cisco IOS XR software may be vulnerable to a remotely exploitable crafted IP option Denial of Service DoS attack. Exploitation of the vulnerability may potentially allow for arbitrary code execution. The vulnerability may be exploited after processi...

DEBIAN-CVE-2009-3287

lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header...

Newbb_plus Module for RunCMS Client-Ip Header SQL Injection

The version of RunCMS installed on the remote host fails to sanitize user-supplied input to the 'Client-Ip' request header before using it in a database query in the 'newbbplus' module. Regardless of PHP's 'magicquotesgpc' setting, an attacker may be able to exploit this issue to manipulate...

CVE-2007-1963

SQL injection vulnerability in the createsession function in classsession.php in MyBB aka MyBulletinBoard 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CVE-2006-3775...

CVE-2007-0480

Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a 1 ICMP, 2 PIMv2, 3 PGM, or 4 URD packet...

Cisco IOS fails to properly process certain packets containing a crafted IP option

Overview Cisco IOS software contains a vulnerablity that may allow an attacker to execute arbitrary code or create a denial of service condition. Description Cisco IOS is an operating system that is used on Cisco network devices. The Internet Control Message Protocol ICMP is a protocol commonly...

D-Link Wireless Access Point (Fragmented UDP) DoS Exploit

Exploit for hardware platform in category dos / poc ========================================================= D-Link Wireless Access Point Fragmented UDP DoS Exploit ========================================================= / Aaron Portnoy silc.thunkers.net, thunkers D-Link Wireless Access Point...

D-Link Wireless Access Point (Fragmented UDP) DoS Exploit

No description provided by source. / Aaron Portnoy silc.thunkers.net, thunkers D-Link Wireless Access Point Fragmented UDP DoS Proof of Concept gcc -o dlinkdos dlinkdos.c -lnet -Wall / include libnet.h define DEVICE "eth0" define SRCIP "127.0.0.1" define DSTIP "127.0.0.1" define SRCPRT 200 define...

Stream / Raped Denial of Service Attack (win version)

Exploit for multiple platform in category dos / poc ===================================================== Stream / Raped Denial of Service Attack win version ===================================================== / Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded...

Stream / Raped (Windows) - Denial of Service

/ Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to re-enable raw socket support! If you still...