JVN#38732359: Multiple Yamaha network devices vulnerable to denial-of-service (DoS)

Multiple network devices provided by Yamaha Corporation contain a denial-of-service DoS vulnerability CWE-400 due to an issue in processing received packets. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the firmware Update to the latest version ...

Buffer overflow

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...

CVE-2019-14095

CVE-2019-14095 describes a buffer overflow in Snapdragon devices during LMP packet processing when the Bluetooth name length exceeds the BT specification. Affected families include Snapdragon Auto, Compute, Connectivity, and related Snapdragon devices across numerous SoCs (APQ8009, SDM… etc.). Th...

Wireshark 3.0.x < 3.0.8 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.8. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.8 advisory. - In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in...

Wireshark 3.0.x < 3.0.8 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.0.8. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.8 advisory. - In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c b...

Fedora Update for dpdk FEDORA-2019-019df9a459

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Weak Password Vulnerability in Tianrongxin NGFW® Next-Generation Firewall

NGFW®, the next-generation firewall of TIANRONGXIN, adopts its own patented operating system NGTOS and security engine, utilizes the advanced Intel® Xeon® processor family and integrates the packet processing framework provided by Intel® Data Plane Development Kit to provide network processing...

[SECURITY] Fedora 31 Update: dpdk-18.11.2-3.fc31

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space...

Kernel: vhost_net: infinite loop while receiving packets leads to DoS

An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostnet kernel thread,...

Kernel: vhost_net: infinite loop while receiving packets leads to DoS

An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostnet kernel thread,...

Kernel: vhost_net: infinite loop while receiving packets leads to DoS

An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostnet kernel thread,...

Junos OS: SIP ALG flowd DoS (JSA10953)

According to its self-reported version number, the remote Juniper Junos device is affected by a vulnerability in the SIP ALG packet processing service which allows an attacker to cause a Denial of Service DoS to the device. A remote, unauthenticated attacker can exploit this by sending specific...

CVE-2019-0055

A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing...

Design/Logic Flaw

A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing...

PT-2019-3163 · Microsoft · Windows Dhcp Server Service +1

Name of the Vulnerable Software and Affected Versions: Windows Server DHCP service affected versions not specified Description: A memory corruption issue exists in the Windows Server DHCP service when it processes specially crafted packets. This could allow a remote unauthenticated attacker to...

RHEL 7 : libssh2 (RHSA-2019:2399)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2399 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Integer overflow in transport read...

RHEL 7 : libssh2 (RHSA-2019:1791)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1791 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Integer overflow in transport read...

Scientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)

Security Fixes : - libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write CVE-2019-3856 - libssh2: Integer overflow in SSH packet processing channel resulting in out o...

Race condition

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerabili...

Cisco StarOS Denial of Service Vulnerability

Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. A denial of service vulnerability exists in the internal packet processing function of Cisco StarOS running on a virtual platform. The vulnerability stems from a possible logic erro...