How to Perform Reverse Imaging on a Provisioning Services Target Device for Windows and its Applicable Usages

When a Provisioning Services Target Device for Windows is booted from Provisioning Services across the network, it is not possible to perform any software updates that affect the network stack, since the network stack changes will drop the connection to the vDisk. The following provides a list of...

SUSE SLED12 / SLES12 Security Update : libqt4 (SUSE-SU-2015:1359-1)

The libqt4 library was updated to fix several security and non security issues. The following vulnerabilities were fixed : - bsc921999: CVE-2015-0295: division by zero when processing malformed BMP files - bsc927806: CVE-2015-1858: segmentation fault in BMP Qt Image Format Handling - bsc927807:...

Cisco IOS XR LPTS Network Stack Remote Denial of Service Vulnerability

A vulnerability in the Local Packet Transport Services LPTS network stack of Cisco IOS XR for Cisco ASR9k could allow an unauthenticated, remote attacker to cause a limited denial of service DoS condition on an affected platform. The vulnerability is due to improper handling of flow base entries ...

Wedge WedgeOS Arbitrary Command Injection Vulnerability

Wedge WedgeOS is a network stack implementation. An arbitrary command injection vulnerability exists in Wedge WedgeOS, which allows remote attackers to execute arbitrary commands...

Wedge WedgeOS Arbitrary Command Execution Vulnerability

Wedge WedgeOS is a network stack implementation. An arbitrary command execution vulnerability exists in Wedge WedgeOS that could be exploited by a remote attacker to execute arbitrary commands...

Wedge WedgeOS Arbitrary File Read Vulnerability

Wedge WedgeOS is a network stack implementation. An arbitrary file read vulnerability exists in Wedge WedgeOS, which allows remote attackers to read arbitrary files...

SUSE-SU-2015:1359-1 Security update for libqt4

The libqt4 library was updated to fix several security and non security issues. The following vulnerabilities were fixed: - bsc921999: CVE-2015-0295: division by zero when processing malformed BMP files - bsc927806: CVE-2015-1858: segmentation fault in BMP Qt Image Format Handling - bsc927807:...

Code injection

The network stack in Cisco TelePresence MCU Software before 4.32.30 allows remote attackers to cause a denial of service memory consumption via crafted TCP packets, aka Bug ID CSCtz35468...

Cisco TelePresence MCU Software Memory Exhaustion Vulnerability

A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system. Cisco has released software updates that address this...

VxWorks WDB Agent 远程内存读取漏洞

VxWorks安全初探 404@KnownSec --- 0x00 前言 --- 关于VxWorks，这里引用44CON议题《攻击 VxWorks：从石器时代到星际》探究 一文章中的介绍： VxWorks 是世界上使用最广泛的一种在嵌入式系统中部署的实时操作系统，是由美国WindRiver公司（简称风河公司，即WRS 公司）于1983年设计开发的。其市场范围跨越所有的安全关键领域，仅举几例，包括火星好奇心流浪者、波音787梦幻客机、网络路由器。这些应用程序的安全高危性质使得VxWorks的安全被高度关注。 VxWorks操作系统是由美国Wind...

TANDBERG vF8.2, F8.0, F7.2, and F6.3 - Remote Denial of Service

No description provided by source. Security Advisory Platform : TANDBERG Date : November 6, 2009 Affected : All MXP FIPS140 Current as of December 8, 2009 Tested : F8.2, F8.0, F7.2, F6.3 Unconf : VCS, BC, C90 Author : otokoyama Problem Description: Issues with the H.225 RAS implementation in...

Windows 98 ARP Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3113/info A potential denial of service vulnerability exists in some versions of the Microsoft Windows network stack. The problem occurs when a large number of extraneous ARP packets sent to a host running Windows. This c...

MS Windows Vista - Forged ARP packet Network Stack DoS Exploit

No description provided by source. !/usr/bin/env python :: Kristian Hermansen :: Date: 20070514 Reference: CVE-2007-1531 Description: Microsoft Windows Vista SP0 dumps interfaces when it receives this ARP packet. This DoS is useful for an internet cafe, wireless venue, or legitimate local attack...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:1288-1)

java-170-openjdk was updated to icedtea-2.4.1 bnc828665 - Security fixes - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improv...

[AIEngine] Artificial Inteligent Engine

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. AIEngine helps network/security profesionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on. Using AIEngine To use AIEngine just execute...

SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)

This update to icedtea-2.4.1 fixes various security issues : - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve...

SuSE 11.2 Security Update : java-1_6_0-openjdk (SAT Patch Number 8084)

java-160-openjdk has been updated to Icedtea6-1.12.6 version. Security fixes : - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450:...

Cisco Hosted Collaboration Mediation Excessive CPU Utilization Vulnerability

A vulnerability in the network stack of Cisco Hosted Collaboration Mediation could allow an unauthenticated, remote attacker to cause excessive CPU utilization on the affected system. The vulnerability is due to insufficient optimization of resources when the affected system is flooded with...

Debian Security Advisory DSA 2663-1 (tinc - stack based buffer overflow)

Martin Schobert discovered a stack-based vulnerability in tinc, a Virtual Private Network VPN daemon. When packets are forwarded via TCP, packet length is not checked against the stack buffer length. Authenticated peers could use this to crash the tinc daemon and maybe execute arbitrary code. Not...

Ubuntu Update for linux-lts-backport-natty USN-1256-1

Ubuntu Update for Linux kernel vulnerabilities USN-1256-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12561.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-natty USN-1256-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...