96 matches found
Debian DLA-1603-1 : suricata security update
Several issues were found in suricata, an intrusion detection and prevention tool. CVE-2017-7177 Suricata has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. CVE-2017-15377 It was possible to trigger lots of redundant checks on the...
Heap overflow
An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the maxframesize setting instead of being checked against the bufsize. The maxframesize only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the...
How to Defragment a PVS vDisk with minimum downtime
The purpose of this guide is to instruct a PVS Administrator on the quickest way to perform a defragmentation process on a vDisk, while minimizing the amount of downtime incurred for the PVS Targets. It is important to note that, while this process can be performed without having to Power Down th...
DEBIAN-CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
Design/Logic Flaw
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
CVE-2017-7177
Suricata (IDS/IPS) is affected by CVE-2017-7177 due to an IPv4 defragmentation evasion flaw: it does not check the IP protocol during fragment matching. This can enable an attacker to craft fragments that bypass reassembly/detection. Affected are Suricata releases prior to 3.2.1. Remediation: upg...
CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
DEBIAN-CVE-2016-9755
The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service integer overflow, out-of-bounds write, and GPF or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system...
UBUNTU-CVE-2015-3813
The fragmentaddwork function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service memory consumption vi...
[USN-869-1] Linux kernel vulnerabilities
=========================================================== Ubuntu Security Notice USN-869-1 December 10, 2009 linux vulnerability CVE-2009-1298, CVE-2009-4131 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This...
Linux kernel multiple security vulnerabilities
Crash on malformed IP packet defragmentation, privilege escalation with Ext4 "move extents" ioctl...
USN-869-1: Linux kernel vulnerabilities
David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would cause a system to crash, leading to a denial of service. The fix was included in the earlier kernels from USN-864-1...