Lucene search
K

386 matches found

securityvulns
securityvulns
added 2008/07/24 12:0 a.m.60 views

AST-2008-010: Asterisk IAX 'POKE' resource exhaustion

Asterisk Project Security Advisory - AST-2008-010 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Asterisk IAX 'POKE' resource exhaustion |...

7.8CVSS0.4AI score0.28EPSS
Exploits1
securityvulns
securityvulns
added 2008/06/05 12:0 a.m.81 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA Document ID: 105444 Advisory ID: cisco-sa-20080604-asa http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml Revision 1.0 For Public Release 2008 June 04 1600 UTC...

7.8CVSS1.1AI score0.02895EPSS
Exploits0
Prion
Prion
added 2008/06/04 9:32 p.m.20 views

Design/Logic Flaw

Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance 7.1.x before 7.1270, 7.2.x before 7.24, and 8.0.x before 8.0310 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface...

7.8CVSS7.2AI score0.02259EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2008/06/04 9:0 p.m.39 views

CVE-2008-2055

Cisco Adaptive Security Appliance ASA and Cisco PIX security appliance 7.1.x before 7.1270, 7.2.x before 7.24, and 8.0.x before 8.0310 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface...

6.6AI score0.02259EPSS
Exploits0References6
securityvulns
securityvulns
added 2008/04/24 12:0 a.m.39 views

Asterisk IAX2 calls spoofing

Insuficient check of server ACK and weak call number generation allows blind spoofing...

4.3CVSS2.6AI score0.02743EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2008/04/23 12:0 a.m.86 views

CVE-2008-1897

The CVE-2008-1897 issue affects the IAX2 channel driver in Asterisk Open Source (various 1.0.x, 1.2.x before 1.2.28, 1.4.x before 1.4.19.1; AsteriskNOW; Business Editions; and s800i prior to listed versions). The vulnerability arises when unauthenticated calls are allowed and the ACK response doe...

4.3CVSS6.5AI score0.02743EPSS
Exploits1References27Affected Software5
Debian CVE
Debian CVE
added 2008/04/23 12:0 a.m.40 views

CVE-2008-1897

The IAX2 channel driver chaniax2 in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow...

4.3CVSS6.3AI score0.02743EPSS
Exploits1
Ubuntu
Ubuntu
added 2008/02/04 4:25 p.m.99 views

USN-574-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. This was only vulnerable in Ubun...

7.8CVSS6.3AI score0.14336EPSS
Exploits7
Prion
Prion
added 2007/11/15 8:46 p.m.20 views

Null pointer dereference

The tcpsacktagwritequeue function in net/ipv4/tcpinput.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service crash via crafted ACK responses that trigger a NULL pointer dereference...

7.8CVSS6.5AI score0.03822EPSS
Exploits0References24Affected Software1
Cvelist
Cvelist
added 2007/11/15 8:0 p.m.35 views

CVE-2007-5501

The tcpsacktagwritequeue function in net/ipv4/tcpinput.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service crash via crafted ACK responses that trigger a NULL pointer dereference...

6.1AI score0.03822EPSS
Exploits0References24
NVD
NVD
added 2007/03/20 8:19 p.m.20 views

CVE-2007-1530

The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which allows remote attackers to cause a denial of service mapping failure by omitting an ACK response, which triggers an XML syntax error...

5CVSS6.6AI score0.14803EPSS
Exploits0References6
CVE
CVE
added 2007/03/20 8:0 p.m.61 views

CVE-2007-1530

The CVE-2007-1530 entry affects the LLTD Mapper in Microsoft Windows Vista. The vulnerability arises because the LLTD Mapper does not properly handle responses to EMIT packets, enabling a remote attacker to cause a denial-of-service (mapping failure) by omitting an ACK response, which then trigge...

5CVSS6.6AI score0.14803EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/09/11 12:0 a.m.89 views

MSRPC Service Detection

The remote host is running a Windows RPC service. This service replies to the RPC Bind Request with a Bind Ack response. However it is not possible to determine the uuid of this service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid22319; scriptversion"1.10";...

5.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/08/10 7:31 p.m.8 views

security flaw

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malformed HB-ACK chunk...

9CVSS6.3AI score0.06797EPSS
Exploits0References4
NVD
NVD
added 2006/07/28 10:4 p.m.22 views

CVE-2006-3920

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service resource exhaustion via a TCP packet with an incorrect sequence number, which triggers an ACK storm...

5CVSS6.6AI score0.02713EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/07/28 10:0 p.m.19 views

CVE-2006-3920

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service resource exhaustion via a TCP packet with an incorrect sequence number, which triggers an ACK storm...

6.6AI score0.02713EPSS
Exploits0References8
Prion
Prion
added 2006/05/22 4:6 p.m.22 views

Buffer overflow

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malformed HB-ACK chunk...

9CVSS7.8AI score0.06797EPSS
Exploits0References26Affected Software1
Cvelist
Cvelist
added 2006/05/22 4:0 p.m.25 views

CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malformed HB-ACK chunk...

7.8AI score0.06797EPSS
Exploits0References26
NVD
NVD
added 2006/03/15 5:6 p.m.32 views

CVE-2006-1242

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...

5CVSS7.3AI score0.03426EPSS
Exploits0References28
Prion
Prion
added 2006/03/15 5:6 p.m.26 views

Code injection

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...

5CVSS6.6AI score0.03426EPSS
Exploits0References28Affected Software1
Rows per page
Query Builder