Lucene search
+L

131 matches found

The Hacker News
The Hacker News
added 2011/10/02 8:43 p.m.19 views

Apache killer exploit modified for better Results

Apache killer exploit modified for better Results "4L4N4 K!LL3R" or Killapache DDOS tool exploit, previously coded by kingscope's , re-edited and coded by "S4uR4" , which kills apache and still many websites are vulnerable. S4uR4 rewrite this exploit on php/curl web based with agressive mode...

6.8AI score
Exploits0
NVD
NVD
added 2010/11/30 10:14 p.m.23 views

CVE-2010-4354

The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device,...

5CVSS6.5AI score0.01588EPSS
Exploits0References1
CVE
CVE
added 2010/11/30 10:0 p.m.57 views

CVE-2010-4354

The CVE covers a vulnerability in Cisco VPN products where remote attackers could enumerate valid VPN group names by sending an IKE Aggressive Mode packet with the group name in the ID field. Affected devices include ASA 5500 series, PIX 500 series, and VPN Concentrators 3000 series. Root cause i...

5CVSS6.8AI score0.01588EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2010/11/30 10:0 p.m.29 views

CVE-2010-4354

The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device,...

6.5AI score0.01588EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/07/27 12:0 a.m.43 views

Cisco VPN Concentrator IKE resource exhaustion DoS Advisory

Cisco VPN Concentrator IKE resource exhaustion DoS Advisory 1. Overview NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE...

Exploits0
RedHat Linux
RedHat Linux
added 2006/04/25 2:45 p.m.7 views

security flaw

The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...

7.8CVSS5.9AI score0.04567EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/01/21 12:0 a.m.24 views

Ubuntu 4.10 / 5.04 / 5.10 : ipsec-tools vulnerability (USN-221-1)

The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer...

7.8CVSS5.4AI score0.04567EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/12/30 12:0 a.m.34 views

SUSE-SA:2005:070: ipsec-tools,freeswan,openswan

The remote host is missing the patch for the advisory SUSE-SA:2005:070 ipsec-tools,freeswan,openswan. Openswan, Freeswan and raccoon ipsec-tools have been updated to fix crashes in aggressive mode. An attacker might send specially crafted packets that can crash racoon or Pluto. The ipsec-tools /...

7.8CVSS5.5AI score0.07453EPSS
Exploits1
Ubuntu
Ubuntu
added 2005/12/01 9:41 p.m.51 views

USN-221-1: racoon vulnerability

The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer...

7.8CVSS5.3AI score0.04567EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2005/11/21 10:3 p.m.26 views

CVE-2005-3732

The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...

7.8CVSS6AI score0.04567EPSS
Exploits0References2
CVE
CVE
added 2005/11/21 10:0 p.m.66 views

CVE-2005-3732

CVE-2005-3732 affects the IKEv1 racoon implementation in ipsec-tools (isakmp_agg.c) prior to version 0.6.3, when running in aggressive mode. A remote attacker can trigger a denial-of-service via a crafted IKE packet that dereferences a NULL pointer. Public advisories from Red Hat/CentOS (RHSA-200...

7.8CVSS6.2AI score0.04567EPSS
Exploits0References25Affected Software1
Debian CVE
Debian CVE
added 2005/11/21 10:0 p.m.30 views

CVE-2005-3732

Removed by vendor...

7.8CVSS6.7AI score0.04567EPSS
Exploits0
Cvelist
Cvelist
added 2005/11/21 10:0 p.m.25 views

CVE-2005-3732

The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...

6.2AI score0.04567EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2005/11/18 9:3 p.m.35 views

CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

7.8CVSS6AI score0.07453EPSS
Exploits1References1
CVE
CVE
added 2005/11/18 9:0 p.m.66 views

CVE-2005-3671

CVE-2005-3671 affects OpenSwan 2.x (pre-2.4.4) and Freeswan in SUSE Linux 9.1 (before 2.04_1.5.4-1.23). The vulnerability allows a remote attacker to cause a Denial of Service by processing specially crafted ISAKMP/IKEv1 data: (1) a crafted packet using 3DES with an invalid key length, or (2) uns...

7.8CVSS6.4AI score0.07453EPSS
Exploits1References17Affected Software3
Cvelist
Cvelist
added 2005/11/18 9:0 p.m.25 views

CVE-2005-3671

The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...

6.4AI score0.07453EPSS
Exploits1References17
CVE
CVE
added 2005/08/20 4:0 a.m.64 views

CVE-2005-2640

The CVE describes a behavioral discrepancy information leak in Juniper Netscreen VPNs running ScreenOS 5.2.0 and earlier. When using IKE with pre-shared key authentication, remote attackers can enumerate valid usernames by sending an IKE Aggressive Mode packet: a response is generated for valid u...

5CVSS6.8AI score0.07093EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/08/20 4:0 a.m.28 views

CVE-2005-2640

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...

6.4AI score0.07093EPSS
Exploits1References5
exploitpack
exploitpack
added 2005/08/18 12:0 a.m.12 views

Juniper NetScreen 5.0 - VPN Username Enumeration

Juniper NetScreen 5.0 - VPN Username Enumeration source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/18 12:0 a.m.55 views

Juniper NetScreen 5.0 - VPN 'Username' Enumeration

source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can...

7AI score
Exploits0
Rows per page
Query Builder