3 matches found
tcpdump 'EXTRACT_16BITS' Denial of Service Vulnerability
tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A security vulnerability exists in the 'EXTRACT16BITS' function in...
Security Advisory - Buffer Overflow Vulnerability in Huawei USG Products
The Authentication, Authorization and Accounting AAA module in the USG products has a buffer overflow vulnerability. A remote attacker can send crafted Enterprise Application Platform EAP packets to the USG products through a Remote Authentication Dial In User Service RADIUS server which has...
Design/Logic Flaw
extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...