232 matches found
CVE-2015-1610
CVE-2015-1610 affects the OpenDaylight l2switch component (hosttracker). The issue, described as topology spoofing, allows remote attackers to change host location information by spoofing a MAC address. Relevant sources (NVD, CVE listing, CNVD, PRION, CVELIST) confirm the vulnerability and descri...
CVE-2015-1610
hosttracker in OpenDaylight l2switch allows remote attackers to change the host location information by spoofing the MAC address, aka "topology spoofing."...
SDN Security Evaluation Framework: DELTA
DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manager is the control tower. It takes full control over all...
OpenDaylight OpenFlow plugin security bypass vulnerability (CNVD-2015-01911)
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in the...
OpenDaylight Helium Authentication Bypass Vulnerability
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. An authentication bypass vulnerability exists i...
OpenDaylight l2switch Security Bypass Vulnerability
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in...
OpenDaylight OpenFlow Plugin Security Bypass Vulnerability
Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in the...
CVE-2014-5035
The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...
Xxe
The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...
CVE-2014-5035
The CVE-2014-5035 issue affects OpenDaylight 1.0 Netconf (TCP) service. It allows remote attackers to read arbitrary files via an XML External Entity (XXE) in conjunction with an entity reference inside an XML-RPC message, causing information disclosure. Root cause is processing of external entit...
CVE-2014-5035
The Netconf TCP service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity XXE issue...
CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service
Title =================== Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf TCP Service Summary =================== Opendaylight www.opendaylight.com is vulnerable to Local and Remote File Inclusion in the Netconf TCP Service via an External Entity Injection XXE...