59 matches found
CVE-2013-5543
Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service device reload via malformed ICMP error packets associated with a 1 TCP or 2 UDP session that is under inspection by the Zone-Based Firewall ZBFW component, aka Bug ID...
Checkpoint VPN-1 PAT information disclosure
Checkpoint VPN-1 PAT information disclosure By sending crafted packets to ports on the firewall which are mapped by port address translation PAT to ports on internal devices, information about the internal network may be disclosed in the resulting ICMP error packets. Port 18264/tcp on the firewal...
Check Point VPN-1 PAT Information Disclosure Vulnerability - Active Check
Check Point VPN-1 PAT is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2008 Tim Brown and Portcullis Computer Security Ltd Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
SOL4583 - Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790
This vulnerability describes the use of spoofed ICMP packets to affect existing TCP connections. An attacker could cause a TCP connection to be closed or slowed by interfering with the Path MTU Discovery process or by generating one of the following spoofed ICMP messages: Destination unreachable...
ipfw -- IP fragment denial of service
Problem description: The firewall maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized. Impact: An attacker can cause the firewall...
IPSec information leak
If ESP is used without integrity control it's possible to obtain plaintext data in ICMP error meesage by modifying source packet...
CVE-2005-0065
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...
CVE-2005-0065
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...
CVE-2005-0065
CVE-2005-0065 describes a vulnerability in TCP sequence number checking for ICMP error messages, enabling an attacker to forge ICMP messages for existing TCP connections and cause DoS. Connected advisories corroborate that multiple TCP/IP/ICMP implementations are affected and that the issue perta...
CVE-2005-0067
Technical details for CVE-2005-0067 (affected software/versions, root cause, impact, and fixes) are not publicly available in the provided Connected documents. Monitor for updates.
CVE-2005-0067
The original design of TCP does not require that port numbers be assigned randomly aka "Port randomization", which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using 1 blind connection-reset attacks with...
CVE-2005-0066
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged aka "TCP acknowledgement number checking", which makes it easier for...
CVE-2003-0418
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses...
Linux Kernel IP Stack ICMP Error Response Arbitrary Memory Information Disclosure
The remote host is vulnerable to an 'icmp leak' of potentially confidential data. That is, when the host generates an ICMP error packet other than 'destination unreachable', the error packet is supposed to only contain the original message or a portion of the original message. Due to a bug in the...
CVE-2002-0704
The Network Address Translation NAT capability for Netfilter "iptables" 1.2.6a and earlier leaks translated IP addresses in ICMP error messages...
CVE-2002-0704
The Network Address Translation NAT capability for Netfilter "iptables" 1.2.6a and earlier leaks translated IP addresses in ICMP error messages...
CVE-2002-0208
PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire...
CVE-2002-0208
PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire...
CVE-2002-0208
The CVE concerns PGP Security PGPfire 7.1 for Windows, which alters the TCP/IP stack and modifies ICMP error messages, enabling remote attackers to determine that the target system is running PGPfire. The PT-2002-1279 entry mirrors this with details of the affected software and behavior, noting t...