DSA-201 freeswan - denial of service

Bulletin has no description...

Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections

Overview A denial-of-service vulnerability exists in multiple vendor Sun RPC-based libc implementations. Description Multiple vendor Sun RPC-based libc implementations fail to properly read data from TCP connections. As a result, a remote attacker can deny service to system daemons. --- Impact A...

CVE-2002-0414

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database SPD, which could cause a Security Gateway SG that does not use Encapsulating Security Payload ESP to forward forged IPv4 packets...

CVE-2001-1377

CVE-2001-1377 affects multiple RADIUS implementations that fail to validate the Vendor-Length of Vendor-Specific attributes, enabling a remote attacker to crash the server when Vendor-Length

route of #phrack is a funny man!

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note to Moderator: Woops, GOBBLES drink too much boxed wine today... here important advisory ALERT! ALERT! Multiple vendor talkd vulnerability ALERT! ALERT! Forward Certain phrack op have big mouth and do stuff like /topic phrack www.bugtraq.org stuff...

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service bandwidth and CPU exhaustion by setting the maximum segment size MSS to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traff...

EUVD-2001-1225

Multiple TCP implementations could allow remote attackers to cause a denial of service bandwidth and CPU exhaustion by setting the maximum segment size MSS to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traff...

CVE-2001-1377

Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service crash via a Vendor-Length that is less than 2...

CVE-2001-1376

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data...

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service bandwidth and CPU exhaustion by setting the maximum segment size MSS to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traff...

DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries

Overview Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Description RFC1035 DOMAIN NAMES, IMPLEMENTATION AND SPECIFICATION defines a mechanism for conserving bytes in a DNS query or reply packet by avoiding repetition of character strings "labels"...

CVE-2001-0328

TCP implementations that use random increments for initial sequence numbers ISN can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN...

Дырки в TACACS+

Множественные уязвимости протокола, однако в большинстве случаев требуют доступа к передаваемой информации. Кроме уязвимостей самого протокола в отдельных реализациях в частности бесплатных неподдерживаемых реализациях CISCO имеются переполнения буфера...

CVE-1999-0183

Linux implementations of TFTP would allow access to files outside the restricted directory...

CVE-2023-45251

...

CVE-2021-0122

...

CVE-2018-15652

...

CVE-2019-16855

...

CVE-2020-25870

...

CVE-2018-4520

...