215 matches found
kernel: gso: do not skip outer ip header in case of ipip and net_failover
In the Linux kernel, the following vulnerability has been resolved: gso: do not skip outer ip header in case of ipip and netfailover We encounter a tcp drop issue in our cloud environment. Packet GROed in host forwards to a VM virtionet nic with netfailover enabled. VM acts as a IPVS LB with ipip...
CVE-2022-48936
Removed by vendor...
CVE-2024-41432
An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP address with any arbitrary IP address, specifically by adding a forged 'X-Forwarded' or 'Client-IP' header to requests. Exploiting IP spoofing, attackers can...
BIT-MATTERMOST-2022-2366
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging via manipulating the request headers...
BIT-MOD_WSGI-2022-2255
A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...
Advisory ROSA-SA-2024-2363
Software: modwsgi 4.6.4 OS: ROSA Virtualization 2.1 packageevrstring: modwsgi-4.6.4-4.rv3.1c CVE-ID: CVE-2022-2255 BDU-ID: 2022-05209 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the modwsgi module of the Apache web server is related to errors in the processing of the X-Client-IP header...
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
Double free
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
CVE-2023-38562
Weston Embedded uC-TCP-IP v3.06.01 contains a double-free vulnerability in the IP header loopback parsing functionality. A specially crafted sequence of unauthenticated network packets can trigger memory corruption, potentially enabling code execution. Talos confirms CVE-2023-38562, identifies v3...
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability
Talos Vulnerability Report TALOS-2023-1829 Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability February 20, 2024 CVE Number CVE-2023-38562 SUMMARY A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A...
Design/Logic Flaw
ping reads raw IP packets from the network to process responses in the prpack function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has a...
PYSEC-2024-27
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and Local In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI...
CrateDB Security Vulnerability
CrateDB is a distributed and scalable SQL database from CrateDB, Inc. A security vulnerability exists in CrateDB version 5.5.1, which stems from an authentication bypass vulnerability contained in the Admin UI component, which can be bypassed by setting the X-Real IP request header to a specific...
CVE-2023-51982
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and Local In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI...
Design/Logic Flaw
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...
CVE-2023-49062
Summary: CVE-2023-49062 affects Meta Katran. After a bpf_xdp_adjust_head call, Katran could write uninitialized kernel memory into the IPv4 Identification field during IPv4 encapsulation (and ICMPv4 Too Big packet generation), exposing kernel memory content. This occurs in all Katran versions pri...
CVE-2023-49062
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP v4 Too Big packet generation. After a bpfxdpadjusthead call, Katran code didn’t initialize the Identification field for the IPv4 header, resulting in writing content ...