Design/Logic Flaw
The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996...
CVE-2013-4688
flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834...
Design/Logic Flaw
flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 83559...
Code injection
flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834...
CVE-2013-1145
CVE-2013-1145 affects Cisco IOS Software with Zone-Based Policy Firewall SIP application layer gateway inspection enabled. A memory leak in the SIP inspection path can be triggered by malformed SIP messages, leading to denial of service via memory exhaustion or device reload. Affected Cisco IOS r...
VMware View critical directory traversal vulnerability
DDI Vulnerability Research Team (VRT) reported a critical vulnerability in VMware View Server: a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive...
Demo of the CRIME TLS Attack
Security researchers Juliano Rizzo and Thai Duong have developed a new attack called CRIME on the TLS protocol that uses the compression ratio in TLS requests as a side channel to gather information that enables them to decrypt the requests and extract users’ cookies. The attack works against bot...
Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20110928-nat)
The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of the following protocols: NetMeeting Directory (Lightweight Directory Access Protocol, LDAP); Session Initiation Protocol (multiple vulnerabilities); H.323...
Uncovering Covert Command-and-Control Channels
As the line between securely hosted and controlled enterprise applications and cloud-based applications continues to blur, there’s more “legitimate” traffic between corporate networks and the Internet than ever before. This opens up new vectors for attack by hackers and cybercriminals as more...
The Five Key Things to Know About the Security of Your Networking Gear
Measuring the performance and security of your network equipment has never been more important than it is today. While there will always be tradeoffs between maximum throughput and maximum security, I want to emphasize the “and” in “performance and security.” Your devices must perform while...
Net Solutions' Hack Heightens Role of ISP in App Layer Security
According to research, the malicious iframe used in the latest Network Solutions attack pointed to corpadsinc.com which then downloads Adobe exploits onto victims’ machines. The hacks raise an issue increasingly being faced by Website owners: what’s the responsibility of the ISP or service or clo...
Geo++(R) GNCASTER Insecure Handling Of NMEA-Data
Advisory: Geo++(R) GNCASTER: Insecure handling of NMEA-data. During a penetration test, RedTeam Pentesting discovered that the GNCaster software does not handle NMEA-data correctly. An attacker that has valid login credentials can use this to crash the server software or potentially execute code on...
Network Weaknesses Exposed at 26C3 Berlin
At the 26th Chaos Communication Congress in Berlin, security researcher Fabian Yamaguchi demonstrated a number of vulnerabilities that can apparently be found in many average communication networks and affect all levels from the access layer to the application layer. Read the full article. The H...
TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
Information about a vulnerability in the TLS protocol was published in the beginning of November 2009. Attackers can take advantage of that vulnerability to inject arbitrary prefixes into a network connection protected by TLS. This can result in severe vulnerabilities, depending on the applicatio...
Preemptive Protection against Microsoft ISA Server Cross-Site Scripting (XSS) Vulnerability (MS09-016)
A cross-site scripting (XSS) vulnerability has been reported in the cookieauth.dll component in Microsoft Internet Security and Acceleration (ISA) Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN...
Rookie Edition Exploit Writing Guide: PNP Overflow Vulnerability Analysis + Exploit
A month ago, chatting with friends, we talked about how worms and viruses are increasingly rampant on the network now: the year before, the “shock wave”, last year's “shock wave”, and this year who knows what will come out? The words had barely been spoken when a worm named Zotob has been in a 8 on 1 to 5 November...
Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577 HTTP Check)
The remote VPN concentrator gives out too much information in application layer banners. An incorrect page request provides the specific version of software installed. This vulnerability is documented as Cisco bug ID CSCdu35577. This script was written by Michael J. Richardson...
Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577)
According to its banner, the remote VPN concentrator gives out too much information in application layer banners. This vulnerability is documented as Cisco bug ID CSCdu35577. (C) Tenable Network Security, Inc. Thanks to Nicolas FISCHBACH for his help. Ref:...