Lucene search
K

121 matches found

NVD
NVD
added 2023/05/08 9:15 p.m.9 views

CVE-2023-31127

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

9CVSS9.3AI score0.00943EPSS
Exploits0References3
Prion
Prion
added 2023/05/08 9:15 p.m.44 views

Authentication flaw

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

6.5CVSS8.7AI score0.00943EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/05/08 8:5 p.m.57 views

CVE-2023-31127

The connected sources describe CVE-2023-31127 in libspdm: a vulnerability in SPDM session establishment where, if a device supports both DHE and PSK sessions with mutual authentication, an attacker could establish a session via KEY_EXCHANGE and PSK_FINISH to bypass mutual authentication. Affected...

9CVSS8.9AI score0.00943EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/08 8:5 p.m.11 views

CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

9CVSS9.2AI score0.00943EPSS
Exploits0References3
OSV
OSV
added 2023/05/08 8:5 p.m.30 views

CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

9CVSS8.5AI score0.00943EPSS
Exploits0References5
NVD
NVD
added 2022/09/16 7:15 p.m.18 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS0.01079EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/16 7:15 p.m.4 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS7.1AI score0.01079EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/09/16 7:15 p.m.13 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2022/09/16 7:15 p.m.12 views

Server side request forgery (ssrf)

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

5CVSS7.5AI score0.01079EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/09/16 6:2 p.m.64 views

CVE-2022-39063

Open5GS UPF contains a vulnerability (CVE-2022-39063) in PFCP Session Establishment handling: on receiving a request, it copies data into f_teid without validating the maximum length, so if pdi.local_f_teid.len exceeds the bound, memcpy overwrites fields (e.g., f_teid_len) after f_teid, and the o...

7.5CVSS7.4AI score0.01079EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/16 6:2 p.m.20 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.7AI score0.01079EPSS
Exploits1References1
NVD
NVD
added 2021/10/07 3:15 p.m.40 views

CVE-2021-41794

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

7.5CVSS0.01183EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/10/07 3:15 p.m.2 views

CVE-2021-41794

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

7.5CVSS7.5AI score0.01183EPSS
Exploits1References2
Prion
Prion
added 2021/10/07 3:15 p.m.19 views

Buffer overflow

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

5CVSS7.6AI score0.01183EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/10/07 2:57 p.m.55 views

CVE-2021-41794

Open5GS CVE-2021-41794 affects Open5GS versions 1.0.0–2.3.3. The function ogs_fqdn_parse trusts a client-supplied length and uses it in a memcpy into a 100-byte stack buffer, enabling a buffer overflow when processing a PFCP Session Establishment Request with a crafted PDI Network Instance (e.g.,...

7.5CVSS7.5AI score0.01183EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/10/07 2:57 p.m.41 views

CVE-2021-41794

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

7.8AI score0.01183EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2015/08/18 12:0 a.m.3 views

The vulnerability of the BN_GF2m_mod_inv function in the OpenSSL library, which allows a hacker to cause a service failure.

The vulnerability of the BNGF2mmodinv function crypto/bn/bngf2m.c in the OpenSSL library is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions due to errors occurring during the establishment of a connection session. Thi...

4.3CVSS6.5AI score0.23222EPSS
Exploits0References4Affected Software2
Check Point Advisories
Check Point Advisories
added 2015/04/06 12:0 a.m.22 views

Apache Qpid Session.gap Denial of Service (CVE-2015-0203)

A denial of service vulnerability exists in Apache Qpid. The vulnerability is due to an assertion failure prior to session establishment when processing the session.gap control segment. A remote, authenticated attacker could exploit this vulnerability by sending an out of sequence session.gap...

4CVSS4.6AI score0.08682EPSS
Exploits0
0day.today
0day.today
added 2014/02/11 12:0 a.m.16 views

Windows Command Shell Upgrade (Powershell)

This Metasploit module executes Powershell to upgrade a Windows Shell session to a full Meterpreter session. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class...

6.9AI score
Exploits0
Ubuntu
Ubuntu
added 2007/05/21 9:22 p.m.35 views

USN-459-2: pptpd regression

USN-459-1 fixed vulnerabilities in pptpd. However, a portion of the fix caused a regression in session establishment under Dapper for certain PPTP clients. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the PPTP tunnel server...

5.4AI score
Exploits0References1
Rows per page
Query Builder