CVE-2018-14663

PowerDNS DNSDist prior to 1.3.3 is affected by a vulnerability where a crafted DNS query with trailing data could cause an EDNS Client Subnet/record addition to be smuggled to the backend, potentially exposing records unseen by dnsdist. This issue occurs when useClientSubnet or the experimental a...

CVE-2018-14663

An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet, might result in the trailing data being smuggled to the backend as a...

Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash

An improper input validation weakness in the device control daemon process dcd of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not...

August 9, 2016 — KB3176492 (OS Build 10240.17071)

August 9, 2016 — KB3176492 OS Build 10240.17071 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability for Internet Explorer 11 and WebDAV shares. Addressed issue affecting some...

CVE-2018-8842

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The Philips e-Alert communication channel is not encrypted which could therefore lead to...

CVE-2017-2879

An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in...

openstack-neutron: A router interface out of subnet IP range results in a denial of service

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVE-2016-7069

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to th...

DEBIAN-CVE-2016-7069

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to th...

UBUNTU-CVE-2016-7069

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to th...

PYSEC-2018-1

Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles...

CVE-2018-13390

Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles...

Security Bulletin: IBM Cloud Manager with Openstack DoS through IPv6 subnet vulnerability (CVE-2014-4167)

Summary By creating an IPv6 private subnet attached to a L3 router, an authenticated user may break the L3-agent, preventing further floating IPv4 addresses from being attached for the entire cloud. Vulnerability Details CVE ID: CVE-2014-4167 Description: The OpenStack Neutron L3-agent is...

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter

A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. Web Pentest / Information Gathering: Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...

NETworkManager - A Powerful Tool For Managing Networks And Troubleshoot Network Problems

A powerful tool for managing networks and troubleshoot network problems! Features Network Interface - Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY SNMP - Get, Walk, Set v1, v2c, v3 Wake on LAN HTTP Headers Subnet Calculator - Calculator, Subnettin...

CVE-2018-3628

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet...

CVE-2018-3629

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet...

Buffer overflow

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet...

Buffer overflow

Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet...

CVE-2018-3628

Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet...