134 matches found
Denial Of Service
jetty-http is vulnerable to Denial Of Service DoS. The vulnerability is due to GOAWAY frames failing to be written to the queue when there is TCP congestion within the server. An attacker can exploit idle timeout periods to leave HTTP/2 or 3 connections in the ESTABLISHED state, even when they...
Terrapin Attack Downgrading the Fortresses of SSH
Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the...
ROS-20231107-01
Vulnerability of HTTP/2 protocol implementation is related to the possibility of forming a stream of requests within an already established network connection without opening new network connections and without confirming receipt of requests. The vulnerability of the HTTP/2 protocol implementatio...
CVE-2023-38538
A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...
[NetScaler] Graceful disable service may trigger TCP RESET immediately
According to eDoc:Graceful shutdown of services. If we disable an HTTP service with the following command: disable service HTTPSvcName 0 -graceFul YES We expect to see all ESTABLISHED connections alive. But in real cases, we may see partial connections got TCP RST from NetScaler ADC immediately...
Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LASTCHUNK from the bytes, causing a denial of service...
SUSE CVE-2007-1497
nfconntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IPCTESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments...
SUSE CVE-2017-0380
The rendserviceintroestablished function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to t...
proteincim.com Cross Site Scripting vulnerability OBB-3096291
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LASTCHUNK from the bytes, causing a denial of service...
Google Android Information Disclosure Vulnerability (CNVD-2022-81244)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates in ContentService, which allows checking the presence of an established account on the device due to a missing license check. An attacker...
Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
GHSA-F2WR-C4C4-XJG7 Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
Interact with Established SSH Connection
Interacts with a shell on an established SSH connection Module Options msf use payload/generic/ssh/interact msf payloadinteract show actions ...actions... msf payloadinteract set ACTION msf payloadinteract show options ...show and set options... msf payloadinteract run This module requires...
CVE-2021-28706
guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may...
Weak password vulnerability in WTScada configuration software
Changzhou Wenting Software Co., Ltd. was established on August 20, 2014, and the company's business scope includes: software development; software sales; computer system integration, etc. WTScada configuration software has a weak password vulnerability, attackers use the weak password to log in t...
Published Application Launch Hangs at "Connection established. Negotiating capabilities"
Published application hangs at "Connection established. Negotiating capabilities" for about 30 sec before successful launch...
Windows Inject PE Files, Find Tag Ordinal Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Jinan Speed Information Technology Co., Ltd. building system there are logical flaws vulnerabilities
Jinan Speed Information Technology Co., Ltd. was established in March 2010, the main business includes computer software development; computer graphic design; website construction and so on. Ltd. There is a logic flaw vulnerability in the website building system, which can be exploited by an...
Juniper Networks Junos OS Input Validation Error Vulnerability (CNVD-2020-22958)
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in the Juniper Networks Junos OS implementation of BGP FlowSpec. An attacker could exploit...