92 matches found
SUSE-SU-2016:3083-1 Security update for xen
This update for xen to version 4.5.5 fixes several issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as...
The vulnerability of L-Switch and L-IP router microprogramming systems allows attackers to gain access to backup files containing password hashes.
The vulnerability of L-Switch and L-IP router microprogramming systems is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to backup files containing hashed passwords...
Huawei eSpace U2980 and U2990 Denial of Service Vulnerabilities
Huawei eSpace U2980 and U2990 are both telephone switch products from Huawei, a Chinese company. A denial of service vulnerability exists in the Huawei eSpace U2980 and U2990 switches. An attacker could use this vulnerability to cause the program to deny service to legitimate users...
GarrettCom Magnum 6K and 10K Switches Local Security Bypass Vulnerability
GarrettCom Magnum 6K and 10K Switches are managed switches from GarrettCom USA. A security vulnerability exists in GarrettCom Magnum 6K and 10K Switches that allows a local attacker to bypass security restrictions and perform unauthorized operations...
The vulnerability of Siemens Ruggedcom WIN52 microprogramming software allows a intruder to gain access to the switch with administrator privileges.
The vulnerability of Siemens Ruggedcom WIN52 microprogramming software may allow a malicious actor to bypass authentication procedures when using remote control services and gain access to the switch with administrator privileges...
CVE-2012-5216
HP ProCurve 1700 series switches (1700-8 J9079A and 1700-24 J9080A) are affected by a cross-site request forgery (CSRF) vulnerability. The issue allows an attacker to hijack the authenticated session of a user who views a malicious page while logged in, potentially changing product settings. Publ...
US-CERT Warns of Cisco Ethernet-Switch Vulnerability
Cisco Industrial Ethernet 3000 IE 3000 Series switches contain well-known, hard-coded read and write SNMP community strings. An remote attacker could take full control of a vulnerable device. Read the full statement. US-CERT...
CVE-2004-2502
im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcherPID temporary file...
Allied Telesyn switches & routers vulnerability
Hello, all The problem: Zero stream DoS switch! We have tested switches of Allied Telesyn, 8024 and Rapier24. We have installed the latest firmware from AT site. Testing: 1. Scan for open ports on switch assume switch address 192.168.0.13: nmap -v -sT 192.168.0.13 Starting nmap V. 2.54BETA22...
CVE-2001-0566
CVE-2001-0566 affects Cisco Catalyst 2900XL switches. A remote attacker can cause a denial-of-service by sending an empty UDP packet to UDP port 161 (SNMP) when SNMP is disabled. The vulnerability is tied to handling of unsolicited SNMP traffic even with SNMP disabled, leading to partial availabi...
mod_sqlpw Password Caching Bug
The modsqlpw module for ProFTPD caches the user id and password information returned from the mysql database when attempting to verify a password. When the "user" command is used to switch to another account, the cached password is not cleard, and the password entered is checked against the cache...
Security Advisory: Cisco Catalyst Memory Leak Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Cisco Catalyst Memory Leak Vulnerability Revision 1.0 For Release 2000 December 6 08:00 AM US/Pacific UTC+0700 Summary A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management...