7203 matches found
Design/Logic Flaw
The bridge ioctl ifbridge code in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory...
CVE-2006-1588
The bridge ioctl ifbridge code in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory...
CVE-2005-3272
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...
CVE-2005-3272
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...
CVE-2005-3272
CVE-2005-3272 affects the Linux kernel prior to 2.6.12. The issue lets remote attackers poison the bridge forwarding table with frames that have already been dropped by filtering, causing the bridge to forward spoofed packets. The vulnerability stems from how bridge/frame filtering handling inter...
CVE-2005-3272
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...
DEBIAN-CVE-2005-2533
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...
Cisco Linksys WET11 wireless ethernet bridge unauthorized access
It's possible to reset device password with web interface...
Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge)
Wird einer B-420 Ethernet Bridge folgende URL bergeben startet sie neu. http://IP/Forms/rpAuth1?ZyXEL20ZyWALL20Seriesscripttop.location.pathname = ""/script Wird das ganze noch einmal wiederholt startet sie nicht mehr neu, sondern hngt einfach bzw. nimmt keine Anforderungen mehr entgegen und muss...
Hawking Technologies HAR11A router considered insecure
The Hawking Technologies HAR11A modem//router is shipped insecure. It suffers from the infamous Conexant security hole http://www.chiark.greenend.org.uk/theom/security/origo.html . You can find lots of references to this in a google search for "conexant port 254". You can see the Hawking...
CVE-2004-0819
CVE-2004-0819 affects OpenBSD 3.4 and 3.5 when a gateway is configured as a bridging firewall with the link2 option for IPSec enabled. A remote attacker can cause a denial of service (crash) by sending an ICMP echo (ping) packet. The available sources (NVD/CVE records) describe the vulnerability ...
CVE-2004-0819
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service crash via an ICMP echo ping packet...
CVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology...
CVE-2003-0512
Cisco IOS 12.2 and earlier exposes a username-enumeration flaw: when an invalid username is entered, the device shows “% Login invalid” instead of prompting for a password, enabling remote attackers to identify valid usernames and perform brute-force password guessing. Affected product set includ...
CVE-2003-0550
CVE-2003-0550 concerns the STP support in Linux kernel 2.4.x. The vulnerability stems from the STP protocol implementation failing to provide adequate security, enabling attackers to modify the bridge topology. Public documents in the connected set confirm this issue across multiple advisories (e...
CVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology...
CVE-2003-0552
Summary: CVE-2003-0552 affects the Linux kernel 2.4.x bridge handling, enabling remote attackers to spoof the bridge forwarding table by sending forged packets whose source addresses match the target. The vulnerability is described in multiple advisories (e.g., Debian DSA-423-1 and RHSA-2003:239)...
CVE-2001-0455
CVE-2001-0455 affects Cisco Aironet 340 Series wireless bridge prior to version 8.55. The issue is that the device does not properly disable access to its web interface, enabling remote attackers to modify configuration settings. The sources provided describe the vulnerability in this product/ver...
CVE-2001-0455
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration...
Access to the Cisco Aironet 340 Series Wireless Bridge via Web Interface
...