Lucene search
+L

7203 matches found

Prion
Prion
added 2006/04/03 10:4 a.m.16 views

Design/Logic Flaw

The bridge ioctl ifbridge code in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory...

2.1CVSS6.5AI score0.00343EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/04/03 10:0 a.m.25 views

CVE-2006-1588

The bridge ioctl ifbridge code in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory...

6AI score0.00343EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2005/10/21 1:2 a.m.21 views

CVE-2005-3272

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...

5CVSS5.9AI score0.03112EPSS
Exploits0References2
NVD
NVD
added 2005/10/21 1:2 a.m.25 views

CVE-2005-3272

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...

5CVSS7.3AI score0.03112EPSS
Exploits0References11
CVE
CVE
added 2005/10/20 4:0 a.m.92 views

CVE-2005-3272

CVE-2005-3272 affects the Linux kernel prior to 2.6.12. The issue lets remote attackers poison the bridge forwarding table with frames that have already been dropped by filtering, causing the bridge to forward spoofed packets. The vulnerability stems from how bridge/frame filtering handling inter...

5CVSS5.7AI score0.03112EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2005/10/20 4:0 a.m.35 views

CVE-2005-3272

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets...

5.7AI score0.03112EPSS
Exploits0References11
OSV
OSV
added 2005/08/24 4:0 a.m.4 views

DEBIAN-CVE-2005-2533

OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service memory exhaustion via a flood of packets with a large number of spoofed MAC addresses...

2.1CVSS6.6AI score0.00683EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/04/07 12:0 a.m.32 views

Cisco Linksys WET11 wireless ethernet bridge unauthorized access

It's possible to reset device password with web interface...

3.3AI score
Exploits0
securityvulns
securityvulns
added 2005/01/02 12:0 a.m.28 views

Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge)

Wird einer B-420 Ethernet Bridge folgende URL bergeben startet sie neu. http://IP/Forms/rpAuth1?ZyXEL20ZyWALL20Seriesscripttop.location.pathname = ""/script Wird das ganze noch einmal wiederholt startet sie nicht mehr neu, sondern hngt einfach bzw. nimmt keine Anforderungen mehr entgegen und muss...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/10/27 12:0 a.m.21 views

Hawking Technologies HAR11A router considered insecure

The Hawking Technologies HAR11A modem//router is shipped insecure. It suffers from the infamous Conexant security hole http://www.chiark.greenend.org.uk/theom/security/origo.html . You can find lots of references to this in a google search for "conexant port 254". You can see the Hawking...

7AI score
Exploits0
CVE
CVE
added 2004/09/02 4:0 a.m.50 views

CVE-2004-0819

CVE-2004-0819 affects OpenBSD 3.4 and 3.5 when a gateway is configured as a bridging firewall with the link2 option for IPSec enabled. A remote attacker can cause a denial of service (crash) by sending an ICMP echo (ping) packet. The available sources (NVD/CVE records) describe the vulnerability ...

5CVSS7AI score0.01411EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2004/08/25 4:0 a.m.16 views

CVE-2004-0819

The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service crash via an ICMP echo ping packet...

5CVSS6.7AI score0.01411EPSS
Exploits0References3
NVD
NVD
added 2003/08/27 4:0 a.m.25 views

CVE-2003-0550

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology...

5CVSS6.2AI score0.01945EPSS
Exploits0References5
CVE
CVE
added 2003/07/29 4:0 a.m.54 views

CVE-2003-0512

Cisco IOS 12.2 and earlier exposes a username-enumeration flaw: when an invalid username is entered, the device shows “% Login invalid” instead of prompting for a password, enabling remote attackers to identify valid usernames and perform brute-force password guessing. Affected product set includ...

5CVSS6.9AI score0.03202EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2003/07/25 4:0 a.m.77 views

CVE-2003-0550

CVE-2003-0550 concerns the STP support in Linux kernel 2.4.x. The vulnerability stems from the STP protocol implementation failing to provide adequate security, enabling attackers to modify the bridge topology. Public documents in the connected set confirm this issue across multiple advisories (e...

5CVSS6.1AI score0.01945EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2003/07/25 4:0 a.m.36 views

CVE-2003-0550

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology...

6.1AI score0.01945EPSS
Exploits0References5
CVE
CVE
added 2003/07/25 4:0 a.m.79 views

CVE-2003-0552

Summary: CVE-2003-0552 affects the Linux kernel 2.4.x bridge handling, enabling remote attackers to spoof the bridge forwarding table by sending forged packets whose source addresses match the target. The vulnerability is described in multiple advisories (e.g., Debian DSA-423-1 and RHSA-2003:239)...

5CVSS6.2AI score0.02763EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2001/09/18 4:0 a.m.43 views

CVE-2001-0455

CVE-2001-0455 affects Cisco Aironet 340 Series wireless bridge prior to version 8.55. The issue is that the device does not properly disable access to its web interface, enabling remote attackers to modify configuration settings. The sources provided describe the vulnerability in this product/ver...

7.5CVSS7.1AI score0.01612EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.21 views

CVE-2001-0455

Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration...

6.7AI score0.01612EPSS
Exploits0References3
Cisco
Cisco
added 2001/03/07 4:0 p.m.18 views

Access to the Cisco Aironet 340 Series Wireless Bridge via Web Interface

...

3.6AI score
Exploits0References1
Rows per page
Query Builder