242 matches found
CVE-2017-14003
The CVE-2017-14003 issue affects LAVA Computer MFG Ether-Serial Link (ESL) devices running firmware 6.01.00/29.03.2007 and earlier. An improper authentication vulnerability allows an attacker with the same IP address to bypass authentication by accessing a specific resource locator, effectively e...
LAVA Computer MFG Ether-Serial Link Authentication Bypass Vulnerability
Ether-Serial Link is an Ethernet serial link device from LAVA Computer MFG. An authentication bypass vulnerability exists in LAVA Computer MFG Ether-Serial Link versions 6.01.00/29.03.2007 and earlier, which can be exploited by an attacker with the same IP address to bypass authentication by...
Apple: Information Leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets(CVE-2017-7116)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On iOS, the "AppleBCMWLANBusInterfacePCIe"...
Largest Cryptocurrency Exchange Hacked! Over $1 Million Worth Bitcoin and Ether Stolen
One of the world's largest Bitcoin and Ether cryptocurrencies exchanges Bithumb has recently been hacked, resulting in loss of more than $1 Million in cryptocurrencies after a number of its user accounts compromised. Bithumb is South Korea's largest cryptocurrency exchange with 20% of global ethe...
Classic Ether Wallet Compromised via Social Engineering
Classic Ether Wallet, an open source wallet for the public, blockchain-based cryptocurrency platform Ethereum Classic ETC was compromised late last week. Developers of the decentralized platform said an attacker managed to hijack the domain for the wallet via social engineering late Thursday...
Article on the DAO Ethereum Hack
This is good...
CVE-2017-6658
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...
Input validation
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...
Buffer overflow
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation, allowing crafted packets with IP protocol numbers in the ether type field to confuse the Snort++ decoder. Affected decoders include gre, llc, trans_bridge, ciscometadata, linux_sll, and token_ring; the fix adds a check ...
CVE-2017-6657
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...
Buffer overflow
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner,...
CVE-2017-8367
The CVE-2017-8367 entry covers a local buffer overflow in Ether Software Easy MOV Converter and related burn/converter tools (e.g., Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, etc.). The root cause is a buffer overflow triggered by a long username, enabling a lo...
CVE-2017-8367
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner,...
Tcpdump Multiple Parser Buffer Overflow Vulnerability
Tcpdump is a popular network analysis program. A buffer overflow vulnerability in Tcpdump's multiple parsers print-ether.c:etherprint allows remote attackers to exploit the vulnerability by submitting a special request to crash the application...
DEBIAN-CVE-2017-5342
In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...
ALPINE-CVE-2017-5342
In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...
CVE-2017-5342
In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...
Wireshark 1.4.1-1.4.4 - SEH Overflow Exploit
No description provided by source. !/usr/bin/env python Vulnerable app: Wireshark 1.4.1-1.4.4 Author: sickness Download : OS: Tested it on Windows XP SP2 and SP3 but it should work on every Windows with DEP off still working on a ROP exploit DATE : 17.04.2011 Fixed in latest version 1.4.5 DO NOT...