376 matches found
Code injection
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR, when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service card reload by sending many SIP packets, aka Bug ID CSCuc65609...
CVE-2013-1166
CVE-2013-1166 affects Cisco IOS XE on 1000 Series ASR routers (versions 3.2–3.4 up to 3.4.5S and 3.5–3.7 up to 3.7.1S). When VRF-aware NAT and SIP ALG are enabled, remote attackers can trigger a denial of service via a flood of SIP packets, potentially causing a reload of the ESP/RP cards and ser...
CVE-2013-1166
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR, when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service card reload by sending many SIP packets, aka Bug ID CSCuc65609...
PsychoStats 3.2.2b Blind SQL Injection
Exploit Title : PsychoStats awards.php blind SQL Injection ============== Date: 27/03/2013 00:50 ===== Author: Mohamed from ALG ====== Vendor or Software Link:http://psychostats.us/ ======================= Version: 3.2.2b ======== Category: webapps ========= Google Keywords: "Powered by PsychoSta...
Cisco IOS NAT功能拒绝服务漏洞(CVE-2012-4618)
BUGTRAQ ID: 55693 CVE ID: CVE-2012-4618 Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。NAT SIP ALG功能可通过IP报文的SIP负载内嵌入的IP地址转换,根据SIP部署VoIP解决方案之间的Cisco IOS NAT, Cisco IOS在启用了NAT SIP ALG功能处理SIP报文时存在安全漏洞,NAT SIP ALG是默认启用的并执行了IP报文的SIP负载转换。默认是对UDP端口5060报文转换NAT SIP。该端口使用全局配置命令"ip nat service sip udp port"配置。...
CVE-2012-4618
The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service device reload via transit IP packets, aka Bug ID CSCtn76183...
CVE-2012-4618
The CVE-2012-4618 issue affects Cisco IOS Software Network Address Translation NAT with the SIP ALG feature. The vulnerability arises when SIP payloads are translated for in-transit packets, causing a denial of service that can trigger a device reload. Affected IOS versions noted in the sources i...
WM Downloader 3.1.2.2(.asx) Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: WM Downloader 3.1.2.2.asx Buffer Overflow Exploit Author: Caddy-Dz Facebook Page: http://www.facebook.com/ALG.Cyber.Army E-mail: islambabiaathotmail.com Vendor: http://mini-stream.net/downloads/WMDownloader.exe Category:: Loca...
kernel: crypto: ghash: null pointer deref if no key is set
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact by triggering a failed or missing ghashsetkey function call, followed by a 1 ghashupdate function call or 2 ghashfinal...
CVE-2010-0039
The CVE-2010-0039 issue affects Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station firmware prior to 7.5.2. The root cause is that the Application‑Level Gateway (ALG) modifies PORT commands in incoming FTP traffic, enabling a remote attacker to use the device’s IP ...
CVE-2010-0039
The Application-Level Gateway ALG on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary intranet TCP traffic by...
Authentication flaw
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...
Authentication flaw
The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files...
CVE-2007-3803
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...
CVE-2007-3804
The CVE-2007-3804 vulnerability affects Clavister CorePlus before versions 8.81.00 and 8.80.03, where the HTTP-ALG Antivirus engine may bypass scanning for small files. This remote issue (attack vector: network; no authentication required) can impact data integrity with a partial impact, accordin...
CVE-2007-3803
CVE-2007-3803 affects Clavister CorePlus SMTP ALG, where improper SMTP command parsing in certain circumstances allows remote attackers to bypass address blacklists. Affected versions are CorePlus before 8.80.04 and 8.81.00. The root cause is parsing issues within the SMTP ALG that can be exploit...