Lucene search
K

376 matches found

Prion
Prion
added 2013/04/11 10:55 a.m.29 views

Code injection

Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR, when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service card reload by sending many SIP packets, aka Bug ID CSCuc65609...

7.8CVSS7.1AI score0.0189EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/04/11 10:0 a.m.59 views

CVE-2013-1166

CVE-2013-1166 affects Cisco IOS XE on 1000 Series ASR routers (versions 3.2–3.4 up to 3.4.5S and 3.5–3.7 up to 3.7.1S). When VRF-aware NAT and SIP ALG are enabled, remote attackers can trigger a denial of service via a flood of SIP packets, potentially causing a reload of the ESP/RP cards and ser...

7.8CVSS6.8AI score0.0189EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2013/04/11 10:0 a.m.32 views

CVE-2013-1166

Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR, when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service card reload by sending many SIP packets, aka Bug ID CSCuc65609...

6.5AI score0.0189EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2013/03/27 12:0 a.m.19 views

PsychoStats 3.2.2b Blind SQL Injection

Exploit Title : PsychoStats awards.php blind SQL Injection ============== Date: 27/03/2013 00:50 ===== Author: Mohamed from ALG ====== Vendor or Software Link:http://psychostats.us/ ======================= Version: 3.2.2b ======== Category: webapps ========= Google Keywords: "Powered by PsychoSta...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2012/09/27 12:0 a.m.33 views

Cisco IOS NAT功能拒绝服务漏洞(CVE-2012-4618)

BUGTRAQ ID: 55693 CVE ID: CVE-2012-4618 Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。NAT SIP ALG功能可通过IP报文的SIP负载内嵌入的IP地址转换,根据SIP部署VoIP解决方案之间的Cisco IOS NAT, Cisco IOS在启用了NAT SIP ALG功能处理SIP报文时存在安全漏洞,NAT SIP ALG是默认启用的并执行了IP报文的SIP负载转换。默认是对UDP端口5060报文转换NAT SIP。该端口使用全局配置命令"ip nat service sip udp port"配置。...

7.8CVSS6.4AI score0.02721EPSS
Exploits1
Cvelist
Cvelist
added 2012/09/27 12:0 a.m.22 views

CVE-2012-4618

The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service device reload via transit IP packets, aka Bug ID CSCtn76183...

6.5AI score0.02721EPSS
Exploits1References3
CVE
CVE
added 2012/09/27 12:0 a.m.57 views

CVE-2012-4618

The CVE-2012-4618 issue affects Cisco IOS Software Network Address Translation NAT with the SIP ALG feature. The vulnerability arises when SIP payloads are translated for in-transit packets, causing a denial of service that can trigger a device reload. Affected IOS versions noted in the sources i...

7.8CVSS6.7AI score0.02721EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2012/04/10 12:0 a.m.28 views

WM Downloader 3.1.2.2(.asx) Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: WM Downloader 3.1.2.2.asx Buffer Overflow Exploit Author: Caddy-Dz Facebook Page: http://www.facebook.com/ALG.Cyber.Army E-mail: islambabiaathotmail.com Vendor: http://mini-stream.net/downloads/WMDownloader.exe Category:: Loca...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2012/01/10 8:10 p.m.7 views

kernel: crypto: ghash: null pointer deref if no key is set

crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact by triggering a failed or missing ghashsetkey function call, followed by a 1 ghashupdate function call or 2 ghashfinal...

5.5CVSS6.2AI score0.00456EPSS
Exploits1References4
CVE
CVE
added 2010/12/22 1:0 a.m.50 views

CVE-2010-0039

The CVE-2010-0039 issue affects Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station firmware prior to 7.5.2. The root cause is that the Application‑Level Gateway (ALG) modifies PORT commands in incoming FTP traffic, enabling a remote attacker to use the device’s IP ...

2.6CVSS6.8AI score0.01722EPSS
Exploits0References3Affected Software5
Cvelist
Cvelist
added 2010/12/22 1:0 a.m.28 views

CVE-2010-0039

The Application-Level Gateway ALG on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by...

6.7AI score0.01722EPSS
Exploits0References3
Prion
Prion
added 2007/07/16 11:30 p.m.12 views

Authentication flaw

The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...

10CVSS7.5AI score0.02262EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/07/16 11:30 p.m.15 views

Authentication flaw

The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files...

5CVSS7.3AI score0.01949EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/07/16 11:30 p.m.18 views

CVE-2007-3803

The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...

10CVSS6.9AI score0.02262EPSS
Exploits0References5
CVE
CVE
added 2007/07/16 11:0 p.m.45 views

CVE-2007-3804

The CVE-2007-3804 vulnerability affects Clavister CorePlus before versions 8.81.00 and 8.80.03, where the HTTP-ALG Antivirus engine may bypass scanning for small files. This remote issue (attack vector: network; no authentication required) can impact data integrity with a partial impact, accordin...

5CVSS6.7AI score0.01949EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/07/16 11:0 p.m.45 views

CVE-2007-3803

CVE-2007-3803 affects Clavister CorePlus SMTP ALG, where improper SMTP command parsing in certain circumstances allows remote attackers to bypass address blacklists. Affected versions are CorePlus before 8.80.04 and 8.81.00. The root cause is parsing issues within the SMTP ALG that can be exploit...

10CVSS6.9AI score0.02262EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder