37 matches found
CVE-2022-24705
The radpacketrecv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigge...
CVE-2019-5182
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...
The vulnerability of the tftp_receive_packet function in the libcurl library, related to buffer overflow in memory, allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the tftpreceivepacket function in the libcurl library is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
Design/Logic Flaw
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted...
CVE-2019-10948
Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted...
SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:2243-1)
This update for freeradius fixes the following issues: Security issues fixed : - CVE-2017-10988: Decode 'signed' attributes correctly. bnc1049086 - CVE-2017-10987: Check for option overflowing the packet. bnc1049086 - CVE-2017-10985: Fix infinite loop and memory exhaustion with 'concat' attribute...
MGASA-2017-0152 Updated openvpn packages fix security vulnerability
It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash CVE-2017-7478. It was discovered that OpenVPN improperly triggered an assert when packe...
kernel security, bug fix, and enhancement update
3.10.0-514.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.1 - kernel sched/core: Fix an SMP ordering race in trytowakeup vs...
DEBIAN-CVE-2017-5597
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow...
Denial of Service Vulnerability in a Component of RealInfo for Zijin Bridge Monitoring and Configuration Software
Zijinqiao monitoring and control configuration software is a general industrial configuration software developed by Zijinqiao Company in long-term scientific research and engineering practice. A security vulnerability exists in a component of the software, which allows an attacker to exploit the...
QEMU '/hw/net/net_tx_pkt.c' integer overflow vulnerability
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU suffers from an integer overflow vulnerability. An attacker can exploit the vulnerability to collide instances of QEMU, resulting in a denial of service situation...
Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
DEBIAN-CVE-2010-1159
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service crash and execute arbitrary code via a 1 large length value in an EAPOL packet or 2 long EAPOL packet...
ISS PAM.dll ICQ Parser Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'ISS PAM.dll...
FileZilla FTP Server < 0.9.31 SSL/TLS Packet Overflow DoS
Binary data 4952.prm...
Skype security advisory
Synopsis ======== The EADS/CRC security team discovered a flaw in Skype client. Skype is a P2P VoIP software that can bypass firewalls and NAT to connect to the Skype network. Skype is very popular because of its sound quality and ease of use. Skype client is available for Windows, Linux, Mac OS ...
CVE-2002-1024
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service CPU consumption via a large packet that was designed to exploit the SSH CRC32 attack detection overflow CVE-2001-0144...