484 matches found
openstack-neutron: DHCP spoofing vulnerability
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...
openstack-neutron: MAC source address spoofing vulnerability
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...
openstack-neutron: DHCP spoofing vulnerability
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...
openstack-neutron: ICMPv6 source address spoofing vulnerability
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...
The vulnerability of the Junos operating system, which allows a hacker to trigger a service failure
The vulnerability of the rpd daemon in the Junos operating system is related to incorrect data processing. Exploiting this vulnerability allows a malicious actor to trigger a service failure daemon reboots through a specially created BGP update using L2VPN...
Juniper Networks Junos OS BGP 'family l2vpn' UPDATE Denial of Service Vulnerability
Juniper Networks Junos OS is a network operating system dedicated to the company's hardware systems. A security vulnerability in Juniper Networks Junos OS using BGP based L2VPN and VPLS configuration allows remote attackers to conduct denial of service attacks by submitting a BGP 'family l2vpn'...
CVE-2016-1270
The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with...
The vulnerability of the ScreenOS operating system, which allows a hacker to trigger a service failure
The vulnerability of the L2TP packet processing function in the operating system ScreenOS exists due to insufficient checks on input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures using specially created L2TP packets...
UBUNTU-CVE-2015-8744
QEMU aka Quick Emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance resulting in DoS...
Juniper Networks Netscreen and ScreenOS Firewall Denial of Service Vulnerability
Juniper Netscreen and ScreenOS Firewall with ScreenOS is a Juniper Networks NetScreen series firewall running the ScreenOS operating system. A security vulnerability exists in the L2TP packet processing in Juniper Networks Netscreen and ScreenOS Firewall products used in ScreenOS versions prior t...
The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure
The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions using a specially crafted L2TP packet...
Cisco ASR 1000 Series Router L2TP Processing Denial of Service Vulnerability
The Cisco ASR1000 Series Aggregation Services Routers provide a WAN edge solution that integrates information, communication, collaboration, and commerce. The Cisco ASR 1000 Series Router handles L2TP with a security vulnerability that allows a remote attacker to exploit the vulnerability by...
openstack-neutron: L2 agent DoS through incorrect allowed address pairs
A Denial-of-Service flaw was found in the OpenStack Networking neutron L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool with zero prefix size, an authenticated attacker can cause the L2 agent to crash...
OpenDaylight l2switch Security Bypass Vulnerability
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in...
kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()
A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...
kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()
A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...
kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()
A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...
DEBIAN-CVE-2014-4943
The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...
USN-2290-1 linux vulnerabilities
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2281-1)
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...