192 matches found
Design/Logic Flaw
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the source IP addresses of guestbook entries via a direct request to /gb/gblog...
CVE-2006-0861
The CVE-2006-0861 entry concerns Michael Salzer Guestbox 0.6 and earlier than 0.8, where a direct request to /gb/gblog can disclose the source IP addresses of guestbook entries. The NVD summary notes a network-accessible issue with low attack complexity and no authentication, yielding partial con...
CVE-2006-0861
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the source IP addresses of guestbook entries via a direct request to /gb/gblog...
Tcpdump 3.8.x - ldp_print Infinite Loop Denial of Service
Tcpdump 3.8.x - ldpprint Infinite Loop Denial of Service / tcpdump3.8.x: LDP ldpprint infinite loop DOS. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xtcpdump-ldp-dos.c -o xtcpdump-ldp-dos tcpdump homepage/URL: http://www.tcpdump.org fix: this appears to have been fixed in the alph...
OpenSSH < 2.9.9 Multiple Key Type ACL Bypass
Binary data 1988.prm...
RHSA-2003-145: kernel (deprecated)
The remote host is running a kernel which is vulnerable to a remote denial of service. The Linux kernel handles all the low-level functionality of the Operating System. This version of the kernel is vulnerable to a flaw wherein a remote attacker can forge source IP addresses in such a way as to...
An Implementation of a Birthday Attack in a DNS Spoofing
An Implementation of a Birthday Attack in a DNS Spoofing. By Ramon Izaguirre. 0.- Introduction, In november 2002 Vagner Sacramento discovered that a dns server would reply with n responses to n queries made from different ip addresses for the same domain...
CVE-2002-1431
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to acce...
CVE-2002-0778
The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP...
CVE-2002-1431
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to acce...
Protection bypass in Sygate Personal Firewall
IP packets with source IP 127.0.0.1 will bypass protection...
OpenSSH Security Advisory (adv.option)
Weakness in OpenSSH's source IP based access control for SSH protocol v2 public key authentication. 1. Systems affected: Versions of OpenSSH between 2.5.x and 2.9.x using the 'from=' key file option in combination with both RSA and DSA keys in /.ssh/authorizedkeys2. 2. Description: Depending on t...