9 matches found
CVE-2018-25297
CVE-2018-25297 describes a buffer overflow in Wansview 1.0.2 during camera addition, where oversized input (e.g., 2000-byte payloads in the Camera name and DID number fields) can crash the application. The advisory notes a local attack vector with LOW complexity and HIGH impact on availability. N...
EUVD-2002-0506
Malware in sbrugna...
Suricata security breach
Suricata is a suite of network intrusion detection system IDS, intrusion prevention system IPS, and network security monitoring engine developed by the Open Information Security Foundation OISF and its supported vendors, which supports multi-threading, built-in IPv6, and the ability to load...
Sesami Cash Point & Transport Optimizer Security Vulnerability
Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a cross-site scripting vulnerability. The vulnerability allows remote attackers to execute...
kernel: off-path attacker may inject data or terminate victim's TCP session
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure
The remote host appears to be run a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero 0. With this information, an attacker could mount further, more targeted attacks against this host. Note that RedHat does not consider this a...