454 matches found
CVE-2021-21005
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
Design/Logic Flaw
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
CVE-2021-21005 Race Condition Vulnerability in Phoenix Contact FL SWITCH SMCS series products
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
CVE-2020-7469
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet...
CVE-2020-7469
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet...
CVE-2020-7469
Removed by vendor...
CVE-2020-7469
The CVE-2020-7469 issue affects FreeBSD’s ICMPv6 handling: the routing option handler caches a pointer to a packet buffer containing an ICMPv6 message, which can be freed later, risking a use-after-free when the pointer is dereferenced. A remote attacker could trigger a read of freed kernel memor...
Cisco NX-OS Software IPv6 Netstack DoS (cisco-sa-nxos-ipv6-netstack-edXPGV7K)
According to its self-reported version, the network stack of Cisco NX-OS Software is affected by denial of service vulnerability due to buffers not freeing properly in the Cisco NX-OS Software network stack known as netstack. An unauthenticated, remote attacker can exploit this by sending multipl...
Design/Logic Flaw
A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service DoS. Continued receipt and processing of these transit packets will create a sustained...
CVE-2021-0258
CVE-2021-0258 describes a DoS vulnerability in Juniper Networks Junos OS where forwarding of transit TCPv6 packets on the Ethernet management interface can trigger a kernel panic. The issue arose from a TCP Parallelization feature introduced in Junos OS 17.2, active by default with concurrent net...
Cisco NX-OS Denial of Service Vulnerability (CNVD-2021-13218)
Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A denial of service vulnerability exists in the network stack of Cisco NX-OS. The vulnerability stems from the software incorrectly freein...
CVE-2021-1387
Cisco NX-OS Software IPv6 Netstack vulnerability (CVE-2021-1387) affects the network stack of Cisco NX-OS, where the netstack improperly releases resources while processing certain IPv6 packets destined for the device. An unauthenticated, remote attacker can send crafted IPv6 packets to trigger a...
Cisco NX-OS Software 安全漏洞
Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A denial of service vulnerability exists in the network stack of Cisco NX-OS. The vulnerability stems from the software incorrectly freein...
Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows' Network Stack | McAfee Blogs
ARCHIVED STORY Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack Steve Povolny · FEB 09, 2021 The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on both sides of the ethical spectrum have...
Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows' Network Stack | McAfee Blogs
ARCHIVED STORY Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack Steve Povolny · FEB 09, 2021 The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on both sides of the ethical spectrum have...
HPSBPI03709 rev. 1 - Certain HP and Samsung-branded Print Products - IPv6 Network Stack Vulnerability
Potential Security Impact Denial of Service Source: HP, HP Product Security Response Team PSRT VULNERABILITY SUMMARY HP has identified a potential security vulnerability with the IPv6 network stack of certain HP and Samsung branded printers that could result in a denial of service. RESOLUTION HP ...
CVE-2020-27337
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access...
DEBIAN-CVE-2020-13988
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uipprocess in net/ipv4/uip.c...
CVE-2020-13984
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...
FreeBSD : FreeBSD -- ICMPv6 use-after-free in error message handling (8eed0c5c-3482-11eb-b87a-901b0ef719ab)
When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing option caches a point...