19 matches found
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...
EUVD-2005-0067
Malware in sbrugna...
EUVD-2005-0066
Malware in sbrugna...
K4583: Insufficient validation of ICMP error messages VU#222750 / CVE-2004-0790 (9.x - 10.x)
Security Advisory Description This article applies to BIG-IP 9.x through 10.x. However, a regression for this vulnerability was introduced in later BIG-IP versions. For information about other versions, refer to the following article: K23440942: Insufficient validation of ICMP error messages...
Cisco IOS XR Software IPsec Packet Processor DoS (cisco-sa-iosxr-ipsec-dos-q8UPX6m)
According to its self-reported version, Cisco IOS XR Software is affected by a denial of service DoS vulnerability in the IPsec packet processor due to improper handling of packets. An unauthenticated, remote attacker can exploit this, by sending malicious ICMP error messages to an affected devic...
CVE-2020-3190
A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...
Design/Logic Flaw
A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...
CVE-2020-3190 Cisco IOS XR Software IPsec Packet Processor Denial of Service Vulnerability
A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service DoS condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...
F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)
The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU222750 / CVE-2004-07909.x - 10.x. Multiple...
F5 Networks BIG-IP : Insufficient validation of ICMP error messages (SOL4583)
The remote BIG-IP device is missing a patch required by a security advisory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL4583. The text description of this plugin is C F5 Networks...
CVE-2005-0065
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...
CVE-2005-0067
Technical details for CVE-2005-0067 (affected software/versions, root cause, impact, and fixes) are not publicly available in the provided Connected documents. Monitor for updates.
CVE-2005-0065
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...
CVE-2005-0067
The original design of TCP does not require that port numbers be assigned randomly aka "Port randomization", which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using 1 blind connection-reset attacks with...
CVE-2005-0066
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged aka "TCP acknowledgement number checking", which makes it easier for...
CVE-2002-0704
The Network Address Translation NAT capability for Netfilter "iptables" 1.2.6a and earlier leaks translated IP addresses in ICMP error messages...
CVE-2002-0704
The Network Address Translation NAT capability for Netfilter "iptables" 1.2.6a and earlier leaks translated IP addresses in ICMP error messages...
CVE-2002-0208
PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire...
CVE-2002-0208
PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire...