CVE-2015-7504

CVE-2015-7504 is a heap-based buffer overflow in the PC-Net II ethernet controller (hw/net/pcnet.c) of QEMU, exposed via guest-controlled packet reception. The flaw in pcnet_receive can lead to denial of service (instance crash) or possibly arbitrary code execution when handling a sequence of pac...

CVE-2017-10613

A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined...

CVE-2017-10613

A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined...

CVE-2017-10613

CVE-2017-10613 affects Juniper Junos OS kernels where a loopback filter action command in a running configuration can be triggered by an attacker with CLI access and the ability to initiate remote sessions to the loopback interface, causing the kernel to hang. Affected Junos releases include 12.1...

CVE-2017-10613 Junos OS: A kernel hang may occur due to a specific loopback filter action command

A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined...

Windows Packet Divert: WinDivert

Windows Packet Divert WinDivert is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10. WinDivert allows usermode programs to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can captur...

Information Disclosure And Elevation Of Priveleges

Loopback is vulnerable to elevation of privilege attacks and information disclosure. This is possible because ACL relations are not enforced. This means that if a malicious user has user group relation, it may allow the group owner to view all user tokens in that group. They can then use that...

Unauthorized Change Of Password

loopback is vulnerable to unauthorized password changes. The vulnerability exists as loopback accepts a change of user password without having the user to confirm their old password, leading to an account takeover. The attack is possible as long as an attacker can perform some form of social...

shootback - a reverse TCP tunnel let you access target behind NAT or firewall

shootback is a reverse TCP tunnel let you access target behind NAT or firewall Consumes less than 1% CPU and 8MB memory under 800 concurrency. slaver is single file and only depends on python2.7/3.4+ standard library. How it works Typical Scene 1. Access company/school computerno internet IP from...

DEBIAN-CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

UBUNTU-CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

SQL Injection

loopback-connector-mssql is vulnerable to SQL injection attacks. This is because user-supplied inputs are not properly sanitized before using them in SQL queries, allowing a remote attacker to inject or manipulate SQL queries in the back-end database...

SQL Injection

loopback-connector-postgresql is vulnerable to SQL injection attacks. This is because user-supplied inputs are not properly sanitized before using them in SQL queries, allowing a remote attacker to inject or manipulate SQL queries in the back-end database...

SQL Injection

loopback-connector-mysql is vulnerable to SQL injection attacks. This is because user-supplied inputs are not properly sanitized before using them in SQL queries, allowing a remote attacker to inject or manipulate SQL queries in the back-end database...

PT-2017-3518 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.10.1 Description: The issue is related to the ip cmsg recv checksum function in the Linux kernel, which has incorrect expectations about skb data layout. This can be exploited by local users to cause a denial ...

Loopback Options When Load Balancing StoreFront Server Group Using NetScaler

In previous versions of StoreFront such as 2.6 or older, Citrix recommended that you manually modify the hosts file on each StoreFront server to map the fully qualified domain name FQDN of the load balancer to the loopback address or the IP address of the specific StoreFront server. This ensures...

Updated tcpreplay packages fixes CVE-2016-6160

Updated tcpreplay package fixes security vulnerability: The tcprewrite program, part of the tcpreplay suite, does not check the size of the frames it processes. Huge frames may trigger a segmentation fault, and they occur on interfaces with an MTU of or close to 65536. For example, the loopback...

Npcap - the Nmap Project's packet sniffing library for Windows

Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF technique. It supports Windows Vista, 7, 8 and 10 . It is sponsored by the Nmap Project and developed by Yang Luo under Google Summer of Code 2013 and 2015 . It also received many helpful tests from Wireshark and NetScanTools...

Windows Packet Sniffing Library: Npcap

Nmap Project’s packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF .aspx technique. It supports Windows Vista, 7, 8 and 10. It is sponsored but not officially supported by the Nmap Project and...