Lucene search
K

1850 matches found

NVD
NVD
added 2008/06/12 2:32 a.m.30 views

CVE-2008-1440

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...

7.1CVSS6.3AI score0.22591EPSS
Exploits1References7
Prion
Prion
added 2008/06/12 2:32 a.m.19 views

Security feature bypass

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...

7.1CVSS6.8AI score0.22591EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/06/12 1:30 a.m.31 views

CVE-2008-1440

Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...

6.3AI score0.22591EPSS
Exploits1References7
Check Point Advisories
Check Point Advisories
added 2008/06/11 12:0 a.m.5 views

Microsoft Windows PGM Packet Handling Denial of Service (MS08-036; CVE-2008-1440)

PGM is a reliable and scalable multicast protocol that enables receivers to detect loss, request retransmission of lost data, or notify an application of unrecoverable loss. The vulnerability is due to the PGM's parsing code that fails to properly validate the option field length of a PGM packet....

7.1CVSS6.3AI score0.22591EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/06/10 12:0 a.m.46 views

MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)

The remote version of Windows is affected by a vulnerability in the Pragmatic General Multicast protocol installed with the MSMQ service. An attacker may exploit this flaw to crash the remote host remotely. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid33137;...

7.1CVSS5.5AI score0.22591EPSS
Exploits1References3
securityvulns
securityvulns
added 2008/05/22 12:0 a.m.57 views

MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub

http://www.gnucitizen.org/blog/dumping-the-admin-password-of-the-bt-home-hub/ We're back with more security attacks against the BT Home Hub most popular wireless DSL router in the UK! BT added a new security feature on the latest version 1 of the BT Home Hub firmware 6.2.6.E at time of writing...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2008/05/09 12:0 a.m.11 views

Update Protection against Borland StarTeam Multicast Service HTTP Handling Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported in Borland StarTeam Multicast Service. Borland StarTeam is a software change and configuration management tool, designed for both centralized and geographically distributed software development environments. A remote attacker might exploit this...

9.3CVSS7.6AI score0.31024EPSS
Exploits8
Saint
Saint
added 2008/04/25 12:0 a.m.26 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
Saint
Saint
added 2008/04/25 12:0 a.m.27 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
Saint
Saint
added 2008/04/25 12:0 a.m.31 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
Saint
Saint
added 2008/04/25 12:0 a.m.19 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
seebug.org
seebug.org
added 2008/04/09 12:0 a.m.27 views

Borland StarTeam Multicast服务GMWebHandler::parse_request()栈溢出漏洞

BUGTRAQ ID: 28602 CVECAN ID: CVE-2008-0311 Borland CaliberRM是Borland所捆绑的开发部署解决方案中的企业软件要求管理软件。 CaliberRM的实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 CaliberRM的StarTeam多播服务组件(STMulticastService)包含有有漏洞的函数PGMWebHandler::parserequest: .text:003AA15D call PGMWebHandler::parserequestchar const ,uint,char...

9.3CVSS6.3AI score0.31024EPSS
Exploits8
Prion
Prion
added 2008/04/06 11:44 p.m.16 views

Stack overflow

Stack-based buffer overflow in the PGMWebHandler::parserequest function in the StarTeam Multicast Service component STMulticastService 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request...

9.3CVSS8.5AI score0.31024EPSS
Exploits8References6Affected Software1
seebug.org
seebug.org
added 2008/03/31 12:0 a.m.30 views

Cisco IOS多播虚拟专用网MDT Data Join消息处理数据泄露漏洞

BUGTRAQ ID: 28464 CVECAN ID: CVE-2008-1156 Cisco IOS是思科网络设备所使用的互联网操作系统。 Cisco IOS在实现多播虚拟专用网(MVPN)时存在漏洞,允许攻击者发送特制的多播分布树(MDT)Data Join消息导致在核心路由器上创建额外的多播状态。 这个漏洞还允许泄露其他MPLS VPN的多播通讯,可以接收连接到同一供应商边界(PE)路由器的VPN的多播通讯。如果要成功利用这个漏洞,攻击者必须知道或猜测到远程PE路由器的边界网管协议(BGP)同层IP地址,以及其他MPLS VPN所使用的多播组的地址。 Cisco IOS 12.4...

5.1CVSS6.4AI score0.02708EPSS
Exploits1
Prion
Prion
added 2008/03/27 10:44 a.m.26 views

Design/Logic Flaw

Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...

5.1CVSS6.7AI score0.02708EPSS
Exploits1References8Affected Software2
NVD
NVD
added 2008/03/27 10:44 a.m.23 views

CVE-2008-1156

Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...

5.1CVSS6.4AI score0.02708EPSS
Exploits1References8
Cvelist
Cvelist
added 2008/03/27 10:0 a.m.30 views

CVE-2008-1156

Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...

6.4AI score0.02708EPSS
Exploits1References8
CVE
CVE
added 2008/03/27 10:0 a.m.80 views

CVE-2008-1156

CVE-2008-1156 affects Cisco IOS MVPN implementations (released 12.0–12.4). The vulnerability arises from the MDT Data Join handling, enabling remote attackers to create extra multicast states on core routers and, in some cases, leak multicast traffic between MPLS VPNs when DSP/BDP information is ...

5.1CVSS6.3AI score0.02708EPSS
Exploits1References8Affected Software2
securityvulns
securityvulns
added 2008/03/26 12:0 a.m.58 views

Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network MVPN Data Leak Advisory ID: cisco-sa-20080326-mvpn http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml Revision 1.0 For Public Release 2008 March 26 1600 UTC GMT Summar...

5.1CVSS0.7AI score0.02708EPSS
Exploits1
Oracle linux
Oracle linux
added 2007/11/19 12:0 a.m.25 views

conga security, bug fix, and enhancement update

0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...

5CVSS6.3AI score0.01745EPSS
Exploits0
Rows per page
Query Builder