16 matches found
PT-2026-24745
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in the Account REST API of Keycloak that allows a user authenticated with a lower security level to perform sensitive actions intended only for higher-assurance sessions. An...
QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials
FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this limitation by enabling multi-device credentials...
A Fuzzy Logic-Based Cryptographic Framework for Real-Time Dynamic Key Generation for Enhanced Data Encryption
With the ever-growing demand for cybersecurity, static key encryption mechanisms are increasingly vulnerable to adversarial attacks due to their deterministic and non-adaptive nature. Brute-force attacks, key compromise, and unauthorized access have become highly common cyber threats. This resear...
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding fo...
For NXP I. MX microprocessor HAB vulnerability analysis-vulnerability warning-the black bar safety net
One, Foreword NXP(NXP)semiconductor production company i. The MX Series application processor of the Secure Boot features in the presence of two vulnerabilities, two vulnerabilities by Quarkslab the two researchers Guillaume Delugré and Kévin Szkudłapski found this article on the two vulnerabilit...
seL4 Secure Microkernel Made Open Source
General Dynamics C4 Systems and Australia’s Information and Communications Technology Research Centre NICTA today open sourced the code-base of a secure microkernel project known as seL4. Touted as “the most trustworthy general purpose microkernel in the world,” seL4 has previously been adapted b...
SafeNET High Assurance Remote/SoftRemote IPSecDrv.SYS远程拒绝服务漏洞
SafeNet HighAssurance Remote是一款标准VPN软件产品。 SafeNet HighAssurance Remote不正确处理畸形报文数据,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 发送畸形的IPv6报文,会在搜索option头字段0x1000BEB0时进入循环而造成IPSecDrv.sys错误发生崩溃。 SafeNet SafeNet HighAssurance SoftRemote 1.4 SafeNet SafeNet HighAssurance Remote 1.4 目前没有解决方案提供: http://www.safenet-inc.com/...
Design/Logic Flaw
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service infinite loop and system hang via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec...
CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service infinite loop and system hang via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec...
CVE-2007-3157
CVE-2007-3157 affects IPSecDrv.sys version 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12 and SoftRemote. The issue is a denial-of-service condition caused by processing an invalid IPv6-related option header in an IPsec packet, leading to an infinite loop and system hang. The exact vul...
CVE-2007-3157
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service infinite loop and system hang via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec...
SafeNET High Assurance Remote / SoftRemote DoS
Infinite loop on IPv6 parsing...
[Full-disclosure] SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS
Attached is POC for a remote DoS in IPSecDrv.sys shipped with SafeNET High Assurance Remote and SoftRemote. The version tested is 10.4.0.12. The bug itself is due to SafeNET making a complete hash of IPv6 support for IPSec. The result of the code is a complete DoS of the machine in Kernel mode...
SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS
No description provided by source. / safenet-dos.c SafeNet HighAssurance Remote 1.4.0 Ring0 DoS win32 by John Anderson [email protected] mu-b [email protected] - Mar 2006 - June 2007 - Tested on: SafeNet HighAssurance Remote 1.4.0 Build 12 win32 Kernel level Ring0 DoS in IPv6 support of IPSecDrv.sys...
SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS
No description provided by source. / safenet-dos.c SafeNet HighAssurance Remote 1.4.0 Ring0 DoS win32 by John Anderson [email protected] mu-b [email protected] - Mar 2006 - June 2007 - Tested on: SafeNet HighAssurance Remote 1.4.0 Build 12 win32 Kernel level Ring0 DoS in IPv6 support of IPSecDrv.sys...
SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS
Exploit for unknown platform in category dos / poc ============================================================= SafeNET High Assurance Remote 1.4.0 IPSecDrv.sys Remote DoS ============================================================= / safenet-dos.c SafeNet HighAssurance Remote 1.4.0 Ring0 DoS...