30 matches found
EUVD-2021-26383
Malware in sbrugna...
EUVD-2022-27363
Malicious code in bioql PyPI...
Juniper Junos OS Multiple Vulnerabilities (JSA69720)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69720 advisory. - Multiple ethernet Network Interface Card NIC device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous...
CVE-2022-22216
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000...
CVE-2022-22216 Junos OS: PTX Series and QFX10000 Series: 'Etherleak' memory disclosure in Ethernet padding data
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000...
CVE-2022-22216
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000...
ICMP 'Etherleak' Information Disclosure
The remote host is prone to an information disclosure vulnerability over ICMP dubbed SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
CVE-2021-3031
Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the...
CVE-2021-3031 PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the...
CVE-2021-3031
CVE-2021-3031 (Etherleak) affects PAN-OS on multiple Palo Alto Networks devices (PA-200/220/500/800/2000/3000/3200/5200/7000 series). Padding bytes in Ethernet frames are not cleared before frame creation, causing leakage of tiny memory fragments into packets. An attacker on the same Ethernet sub...
PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall...
PT-2021-18709
Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.18 PAN-OS versions prior to 9.0.12 PAN-OS versions prior to 9.1.5 Description The issue, also known as Etherleak, occurs because padding bytes in Ethernet packets on various firewall models are not cleared before t...
CVE-2020-12494 Beckhoff: Etherleak in TwinCAT RT network driver
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the driver are not padded if their payload is less tha...
CVE-2018-0014 ScreenOS: Etherleak vulnerability found on ScreenOS device
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25...
CVE-2017-2304
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from...
Design/Logic Flaw
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from...
CVE-2017-2304
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from...
CVE-2017-2304
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from...
CVE-2017-2304
CVE-2017-2304 affects Juniper Junos OS on QFX3500/3600/5100/5200 and EX4300/EX4600 devices. The root cause is that Ethernet packets are not padded with zeros, allowing packets to reveal fragments of system memory or data from previous packets (Etherleak). Impact is information disclosure via netw...
Juniper Junos QFX / EX Series 'Etherleak' Improper Padding Memory Disclosure (JSA10773)
According to its self-reported version number, the remote Juniper Junos QFX or EX series device is affected by a memory disclosure vulnerability, known as Etherleak, due to padding Ethernet packets with data from previous packets instead of padding them with null bytes. An unauthenticated, adjace...