CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

CVE-2026-42960

Unbound CVE-2026-42960 affects versions up to 1.25.0. The vulnerability arises from poisoning attempts using promiscuous RRSets in the authority section; an attacker could spoof replies or leverage fragmentation to inject non-NS address records in the additional section and have Unbound cache the...

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

EUVD-2026-31083

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

CVE-1999-0431

Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service...

CVE-2025-68388

Allocation of resources without limits or throttling CWE-770 allows an unauthenticated remote attacker to cause excessive allocation CAPEC-130 of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat...

EUVD-2016-1331

Malware in sbrugna...

EUVD-1999-0157

Malware in sbrugna...

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

Network_Assessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the network you monitor. This Python script analyzes network traffic in a given .pcap file and attempts to detect the following suspicious network activities and attack...

SUSE CVE-2004-1060

Multiple TCP/IP and ICMP implementations, when using Path MTU PMTU discovery PMTUD, allow remote attackers to cause a denial of service network throughput reduction for TCP connections via forged ICMP "Fragmentation Needed and Don't Fragment was Set" packets with a low next-hop MTU value, aka the...

SUSE CVE-2012-4445

Heap-based buffer overflow in the eapservertlsprocessfragment function in eapservertlscommon.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service crash or abort via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

SUSE CVE-2013-6076

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service NULL pointer dereference and charon daemon crash via a crafted IKEv1 fragmentation packet...

kernel: off-path attacker may inject data or terminate victim's TCP session

A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...

kernel: off-path attacker may inject data or terminate victim's TCP session

A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...

ALPINE-CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...

Denial Of Service (DoS)

IPv6 protocol is vulnerable to denial of serviceDos attacks. Remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not...

SUSE-SU-2018:2187-1 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c bsc1064580. - CVE-2017-15670: Fix buffer overflow in glob with GLOBTILDE bsc1064583. - CVE-2017-15671: Fix memory leak in...

A fragmentation attack against IP Filter

I did not want to release this on a Friday afternoon. Happy experimenting -Thomas ---- cut here ---- A fragmentation attack against IP Filter April 6th, 2001 Thomas Lopatic [email protected] The research for this advisory was supported by TUV data protect GmbH, a TUV Rheinland/Berlin-Brandenburg...