Lucene search
+L

86 matches found

redhat
redhat
added 2015/11/19 4:3 a.m.3 views

ntp: ntpd accepts unauthenticated packets with symmetric key crypto

It was found that ntpd did not check whether a Message Authentication Code MAC was present in a received packet when ntpd was configured to use symmetric cryptographic keys. A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer witho...

1.8CVSS6.6AI score0.02219EPSS
Exploits0References4
osv
osv
added 2015/08/24 11:59 p.m.6 views

CVE-2015-6248

The ptvcursoradd function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.3AI score
Exploits0References12
osv
osv
added 2015/08/24 11:59 p.m.11 views

CVE-2015-6247

The dissectopenflowtablemodv5 function in epan/dissectors/packet-openflowv5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

6.2AI score
Exploits0References9
debiancve
debiancve
added 2015/08/24 11:0 p.m.34 views

CVE-2015-6249

The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service application crash via a...

4.3CVSS6AI score0.02838EPSS
Exploits0
debiancve
debiancve
added 2015/05/26 3:0 p.m.25 views

CVE-2015-3810

epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service CPU consumption via a crafted packet...

7.8CVSS5.2AI score0.03443EPSS
Exploits0
cve
cve
added 2015/05/26 3:0 p.m.89 views

CVE-2015-3814

The CVE-2015-3814 issue affects the Wireshark IEEE 802.11 dissector. The affected code paths (epan/dissectors/packet-ieee80211.c) interpret a zero value as a length instead of an error, allowing remote attackers to trigger a denial-of-service through crafted packets that cause an infinite loop. Af...

5CVSS5.1AI score0.02948EPSS
Exploits0References7Affected Software1
cve
cve
added 2015/04/29 1:0 a.m.53 views

CVE-2015-0709

CVE-2015-0709 affects Cisco IOS 15.5S and IOS XE. The vulnerability arises from improper processing of crafted RADIUS packets, enabling remote authenticated attackers to cause a denial of service (device crash) by leveraging knowledge of the RADIUS secret. Affected component: RADIUS packet handli...

6.8CVSS6.5AI score0.01086EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2015/01/19 12:0 a.m.35 views

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark6)

The remote Solaris system is missing necessary patches to address security updates : - The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet. CVE-2013-492...

7.8CVSS6.3AI score0.03738EPSS
Exploits0References19
cvelist
cvelist
added 2015/01/10 2:0 a.m.31 views

CVE-2015-0559

Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service application crash via a crafted packet, related to the use of packet-scope memory instead ...

6.5AI score0.01578EPSS
Exploits0References5
cvelist
cvelist
added 2014/12/20 2:0 a.m.37 views

CVE-2014-9295

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to 1 the cryptorecv function when the Autokey Authentication feature is used, 2 the ctlputdata function, and 3 the configure function...

7.8AI score0.78717EPSS
Exploits1References28
exploitpack
exploitpack
added 2014/11/19 12:0 a.m.24 views

Minix 3.3.0 - Remote TCPIP Stack Denial of Service

Minix 3.3.0 - Remote TCPIP Stack Denial of Service / ------------------------------------------------------- ||------+ MINIX =--|| ||--= Nov 2014 =--|| ||--= Mexico =--|| -- MINIX IS PRONE TO DENIAL OF SERVICE IN THE TCP/IP STACK /service/inet BY SENDING A SINGLE TCP PACKET WITH A MALFORMED TCP...

0.1AI score
Exploits0
osv
osv
added 2014/09/20 10:55 a.m.3 views

CVE-2014-6428

The dissectspdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service application crash via a crafted packet...

6.1AI score
Exploits0References14
kitploit
kitploit
added 2014/01/26 12:53 a.m.23 views

[SPS] Simple Packet Sender

.png A Linux packet crafting tool. Supports IPv4, IPv6 including extension headers, and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+ and released under GPLv3. Does not require pcap. Features: Packet crafting and sending one, multiple, or flooding IPv4 and IPv6 packets...

7.2AI score
Exploits0
prion
prion
added 2013/07/30 12:56 a.m.10 views

Code injection

Off-by-one error in the dissectradiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS6.8AI score0.0302EPSS
Exploits0References9Affected Software1
ubuntucve
ubuntucve
added 2013/07/30 12:56 a.m.27 views

CVE-2013-4930

The dissectdvbcitpduhdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service assertion failure and...

5CVSS7.1AI score0.03738EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2013/07/30 12:56 a.m.30 views

CVE-2013-4927

Integer signedness error in the gettypelength function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...

7.8CVSS6.6AI score0.037EPSS
Exploits0References7
cvelist
cvelist
added 2013/07/29 7:0 p.m.24 views

CVE-2013-4936

The IsDFPFrame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...

6.1AI score0.02953EPSS
Exploits0References9
cvelist
cvelist
added 2013/06/09 9:0 p.m.35 views

CVE-2013-4074

The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service application crash via a...

6.1AI score0.60643EPSS
Exploits7References17
cvelist
cvelist
added 2013/01/31 9:0 p.m.35 views

CVE-2012-5958

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string th...

7.9AI score0.82807EPSS
Exploits6References18
ubuntucve
ubuntucve
added 2012/07/24 7:55 p.m.24 views

CVE-2012-4049

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...

2.9CVSS7.1AI score0.01647EPSS
Exploits1References4
Rows per page
Query Builder