188 matches found
CVE-2006-0433
Selective Acknowledgement SACK in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service infinite loop...
Memory corruption
Selective Acknowledgement SACK in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service infinite loop...
[Full-disclosure] LiveJournal CSS/JS injection vulnerability
SUMMARY ---------------------------------------------------------------------- The popular Livejournal1 social networking software contained an error which allowed for the inclusion of Javascript in user-supplied content. 1 http://www.livejournal.org/, http://www.livejournal.com/ BACKGROUND...
CVE-2005-1184
The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service CPU consumption via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that th...
CVE-2005-0066
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged aka "TCP acknowledgement number checking", which makes it easier for...
CVE-2005-0066
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged aka "TCP acknowledgement number checking", which makes it easier for...
Multiple Vendor - TCP Session Acknowledgement Number Denial of Service
Multiple Vendor - TCP Session Acknowledgement Number Denial of Service // source: https://www.securityfocus.com/bid/13215/info Multiple Vendor TCP/IP stack implementations are reported prone to a denial of service vulnerability. A report indicates that the vulnerability manifests when an erroneou...
Ethereal integer underflow when parsing malformed PGM packets with NAK lists
Overview Ethereal fails to properly parse Pragmatic General Multicast PGM packets containing a crafted negative acknowledgement NAK list. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing PGM data. There is a vulnerability in the way...