Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability

A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The vulnerability is due to...

Cisco Releases Security Update

Cisco has released a security update to address a vulnerability in its NetFlow Generation Appliance NGA. Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the Cisco Security Advisory and apply...

CVE-2016-9222

A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. More Information: CSCvb15229. Known...

Cross site scripting

A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. More Information: CSCvb15229. Known...

CVE-2016-9222

A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. More Information: CSCvb15229. Known...

CVE-2016-9222

CVE-2016-9222 affects Cisco NetFlow Generation Appliance. The vulnerability is a Cross-Site Scripting (XSS) issue in the web-based management interface caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker could lure a user to click a crafted link and execu...

Cisco NetFlow Generation Appliance Cross-Site Scripting Vulnerability

The Cisco NetFlow Generation Appliance is a scalable cost-effective solution for traffic visibility in today's high-performance data centers. A cross-site scripting vulnerability exists in the Cisco NetFlow Generation Appliance that stems from a failure to properly validate user input. An attacke...

Cisco NetFlow Generation Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

Logstash 2.3.2 Vulnerability with Netflow codec plugin

Hi all, we've published ESA-2016-06 for a vulnerability in netflow codec plugin for Logstash 2.3.2. Thanks to Jorrit Folmer maintainer of netflow codec for reporting and fixing this issue. Details below: Vulnerability Summary: In Logstash versions prior to 2.3.3, when using the Netflow Codec...

High Performance DoS Analyzer: FastNetMon

High Performance DoS Analyzer FastNetMon – A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFLOW, SnabbSwitch, netmap, PFRING, PCAP. What can we do? We can detect hosts in our networks sending or receiving large volumes of...

[SECURITY] Fedora 23 Update: nfdump-1.6.15-1.fc23

Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7 , v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA NSEL and CISCO NAT NEL devices which export event logging...

[SECURITY] Fedora 22 Update: nfdump-1.6.15-1.fc22

Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7 , v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA NSEL and CISCO NAT NEL devices which export event logging...

[SECURITY] Fedora 24 Update: nfdump-1.6.15-1.fc24

Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7 , v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA NSEL and CISCO NAT NEL devices which export event logging...

Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities

Exploit for linux platform in category dos / poc Nfdump Nfcapd Multiple Vulnerabilities Affected Versions: Nfdump = 1.6.14 PDF: http://www.security-assessment.com/files/documents/advisory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnerabilities.pdf +-------------+ | Description | +-------------+...

Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nfdump Nfcapd Multiple Vulnerabilities Affected Versions: Nfdump = 1.6.14 PDF:...

Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities

Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Nfdump Nfcapd Multiple Vulnerabilities Affected Versions: Nfdump = 1.6.14 PDF:...

CVE-2015-4203

Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine PRE module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service PXF process crash by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396...

Cisco IOS Software UBR Devices IPv6 VPN Multiprotocol Label Switching Denial of Service Vulnerability

A vulnerability in Cisco Universal Broadband Routers performing IPv6 VPN over Multiprotocol Label Switching MPLS; 6VPE and configured for NetFlow could allow an unauthenticated, remote attacker to cause a crash of the Parallel Express Forwarding PXF process on the Performance Routing Engine PRE...

CVE-2015-4418

Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation...

CVE-2015-2961

Cross-site request forgery CSRF vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators...