2087 matches found
kernel: ipv6: make fragment identifications less predictable
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service disrupted networking by predicting these values and sending crafted packets...
kernel: ipv6: make fragment identifications less predictable
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service disrupted networking by predicting these values and sending crafted packets...
PT-2011-1067 · Suse +2 · Ext4Dev-Kmp-Trace +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 ext4dev-kmp-trace affected versions not specified Description: The issue allows remote attackers to cause a denial of service, potentially leading to a system crash. This can be achieved by sending...
CentOS Update for openswan CESA-2009:1138 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for openswan CESA-2009:0402 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
PT-2012-1534 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the Linux kernel, specifically the ip gre module. It allows remote attackers to cause a denial of service by sending a packet during module loading, resulting in an OOPS...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
CVE-2011-1637
Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962...
kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace
net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
dhcp: unexpected abort caused by a DHCPv6 decline message
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service assertion failure and daemon crash by sending a message over IPv6 for a declined and abandoned address...
DEBIAN-CVE-2011-0413
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service assertion failure and daemon crash by sending a message over IPv6 for a declined and abandoned address...
FBI raids ISP in Anonymous DDoS investigation !
Authorities in the U.S. and Germany have raided Internet Service Providers in hopes of tracking down the hackers who launched distributed denial of service DDoS attacks against Web sites such as Visa.com, PayPal.com, and Mastercard.com earlier this month. In documents posted Wednesday to the...
kernel: ipv6: skb is unexpectedly freed
Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...
iSCSI target Multiple Implementations Format String Code Execution (CVE-2010-0743)
iSCSI Internet Small Computer System Interface is an Internet Protocol based storage networking standard for linking data storage facilities. It is used to transfer data over the network using the SCSI protocol. A format string vulnerability has been reported in multiple implementations of iSCSI...
Anti-Phishing Group Targeting Fax-Based Scams
The heyday of faxing may have passed twenty years ago, but scam artists haven’t given up on the old technology, especially when it comes to wheedling personally identifiable information out of unsuspecting office workers. Now a leading anti-phishing group is tackling the problem of fax based...
PT-2010-2540 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A spoofing issue exists due to the way Windows checks the inner packet's IPv6 source address in a tunneled ISATAP packet. This could allow an attacker to impersonate an addres...
kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference
The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...
kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference
The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...
kernel: ipv6: fix ip6_dst_lookup_tail() NULL pointer dereference
The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...
kernel: ipv6_hop_jumbo remote system crash
The ipv6hopjumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted IPv6 packet...