134 matches found
CVE-2020-1613
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that...
CVE-2018-21018
Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...
Design/Logic Flaw
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
CVE-2017-7670
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
CVE-2017-7670
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
DLA-345-1 strongswan - security update
Bulletin has no description...
CrystalFTP Pro 2.8 - Remote Buffer Overflow Exploit
No description provided by source. / CrystalFTP Pro v2.8 Buffer Overflow Exploit 04/25/2005 despite the fact that nobody uses CrystalFTP i had to release a new version that replaces the first one. this overwrites the structured exception handler with a pop edx pop eax ret in kernel32.dll. this...
CVE-2014-2338
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKESA during 1 initiation or 2 re-authentication, which triggers the IKESA state to be set to established...
AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
Asterisk Project Security Advisory - AST-2012-007 Product Asterisk Summary Remote crash vulnerability in IAX2 channel driver. Nature of Advisory Remote crash Susceptibility Established calls Severity Moderate Exploits Known No Reported On March 21, 2012 Reported By mgrobecker Posted On May 29, 20...
Experts Warn Of Japan Earthquake, Tsunami Spam
As the Pacific Rim braces for deadly Tsunami’s spawned by today’s magnitude 8.9 earthquake in Japan, the SANS Internet Storm Center says users should be on the lookout for a different kind of Tsunami: scam e-mail and Web pages looking to turn curiosity about the events in Japan into illicit gain...
r00tsecurity.org & uNknown.eu servers hacked by TeaMp0isoN !!
r00tsecurity.org & uNknown.eu servers hacked by TeaMp0isoN !! Intro to TeaMp0isoN TeaMp0isoN was established in mid-2009, the team consists of blackhats & hacktivists. Reason for Hacking uNk: They claim to be the best hacking/security forum in the scene, they also claim to be "underground" - you...
Quick 'n Easy WEB Server / Quick 'n Easy FTP Server DoS
Large number of established connections causes server to crash...
Baby ASP Web Server / FTP Server / POP Server DoS
Large number of established connections causes server to crash...
Unix TTY, Interact with Established Connection
Interacts with a TTY on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single def initializeinfo = supermergeinfoinfo,...
Debian Security Advisory DSA 389-1 (ipmasq)
The remote host is missing an update to ipmasq announced via advisory DSA 389-1. OpenVAS Vulnerability Test $Id: deb3891.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 389-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
SuSE 10 Security Update : ipsec-tools (ZYPP Patch Number 3099)
A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels. CVE-2007-1841 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29466;...
IPv6 fragments bypass in nf_conntrack netfilter code
nfconntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IPCTESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments...
Debian DSA-1289-1 : linux-2.6 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1496 Michal Miroslaw reported a DoS...
Racoon IPSec key exchange DoS
It's possible to disrupts established IPSec tunnels...
Unix Command, Interact with Established Connection
Interacts with a shell on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions...