CVE-2018-18541

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

CVE-2018-18541

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

Design/Logic Flaw

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

DEBIAN-CVE-2018-18541

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

CVE-2018-18541

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

CVE-2018-18541

Teeworlds vulnerability CVE-2018-18541 affects versions before 0.6.5, where connection packets could be forged due to lack of a challenge–response during connection setup. A remote attacker could spoof a IP to occupy all server slots or perform reflection attacks using map download packets. The i...

CVE-2018-18541

In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...

apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.*

It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol ,it uses reflection to make the HostnameVerifier work with old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in...

Security Bulletin: IBM Cúram Social Program Management is vulnerable to Java reflection attack(CVE-2014-8903).

Summary IBM Cúram Social Program Management is vulnerable to Java reflection attack caused by external input that is used to specify a class. A remote attacker could exploit this vulnerability by injecting arbitrary class names which will be subsequently loaded. Vulnerability Details CVE-2014-890...

Memcached DDoS Exploit Code and List of 17,000 Vulnerable Servers Released

Two separate proofs-of-concept PoC exploit code for Memcached amplification attack have been released online that could allow even script-kiddies to launch massive DDoS attacks using UDP reflections easily. The first DDoS tool is written in C programming language and works with a pre-compiled lis...

Chargen Probe Utility

Chargen is a debugging and measurement tool and a character generator service. A character generator service simply sends data without regard to the input. Chargen is susceptible to spoofing the source of transmissions as well as use in a reflection attack vector. The misuse of the testing featur...

Microsoft Telnet Services Credential Reflection Code Execution (MS09-042; CVE-2009-1930)

Telnet is a bidirectional communications protocol that allows for command line remote administration over the TCP protocol. A remote code execution vulnerability has been reported in the way Microsoft Windows Telnet Service handles NTLM credentials. The vulnerability is due to an error in the...

Microsoft Windows SMB Credential Reflection Remote Code Execution (MS08-068; CVE-2008-4037)

SMB reflection attacks is a type of "Man-in-the-Middle" MITM attack in which an attacker reflects the clients SMB challenge back to the client and by that bypass security, allowing the attacker to execute code in the context of the logged-on user. A remote code execution vulnerability has been...