Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001525)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001525 advisory. The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An...

7.8CVSS6.3AI score0.24575EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-18667

Malware in sbrugna...

7.8CVSS7.7AI score0.04006EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.2 views

SUSE CVE-2009-1298

The ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IPINCSTATSBH with an incorrect argument, which allows remote attackers to cause a denial of service NULL pointer dereference and hang via long IP packets, possibly...

7.8CVSS6.6AI score0.03872EPSS
Exploits1References4
OSV
OSV
added 2020/10/21 7:15 p.m.4 views

CVE-2020-3373

A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from...

8.6CVSS7.3AI score0.01894EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/21 12:0 a.m.7 views

PT-2020-4462 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions prior to the fixed version Cisco Firepower Threat Defense versions prior to the fixed version Description: The issue is related to an uncontrolled resource consumption in the software of Cisco Adapti...

8.6CVSS8.2AI score0.01894EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2020/05/04 12:0 a.m.18 views

zeek -- Various vulnerabilities

Jon Siwek of Corelight reports: This release fixes the following security issues: Fix potential stack overflow in NVT analyzer Fix NVT analyzer memory leak from multiple telnet authn name options Fix multiple content-transfer-encoding headers causing a memory leak Fix potential leak of Analyzers...

3.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/11/14 12:0 a.m.26 views

Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the IPv4 fragment reassembly function due to the corruption of an internal data structure that occurs when the affected software reassembles an IPv4 packet. An unauthenticated,...

7.8CVSS7.5AI score0.02868EPSS
Exploits0References3
OSV
OSV
added 2018/11/23 4:9 p.m.6 views

SUSE-SU-2018:3881-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15)

This update for the Linux Kernel 4.12.14-256 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by...

7.8CVSS7.2AI score0.24575EPSS
Exploits0References3
OSV
OSV
added 2018/11/16 3:1 p.m.7 views

SUSE-SU-2018:3792-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP2)

This update for the Linux Kernel 4.4.121-9285 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by...

7.8CVSS7.2AI score0.24575EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/11/13 4:36 p.m.7 views

kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)

A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU...

7.8CVSS7.1AI score0.24575EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.2 views

kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()

A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote...

7.1CVSS7.3AI score0.02861EPSS
Exploits1References4
CNVD
CNVD
added 2018/09/20 12:0 a.m.6 views

Linux kernel denial of service vulnerability (CNVD-2018-19435)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'ipfragreasm' function of the net/ipv4/ipfragment.c file in Linux kernel versions 4.19-rc1 through 4.19-rc3, which can ...

7.1CVSS6.1AI score0.02861EPSS
Exploits1References1
OSV
OSV
added 2018/09/04 6:29 p.m.6 views

CVE-2018-6923

In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary ip fragments to cause the machine to consume...

7.5CVSS7.1AI score0.04006EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/08/23 12:0 a.m.30 views

FreeBSD : FreeBSD -- Resource exhaustion in IP fragment reassembly (359e1548-a652-11e8-805b-a4badb2f4699)

A researcher has notified us of a DoS attack applicable to another operating system. While FreeBSD may not be vulnerable to that exact attack, we have identified several places where inadequate DoS protection could allow an attacker to consume system resources. It is not necessary that the attack...

7.8CVSS7.4AI score0.04006EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2018/08/14 12:0 a.m.28 views

FreeBSD -- Resource exhaustion in IP fragment reassembly

Problem Description: A researcher has notified us of a DoS attack applicable to another operating system. While FreeBSD may not be vulnerable to that exact attack, we have identified several places where inadequate DoS protection could allow an attacker to consume system resources. It is not...

7.8CVSS4AI score0.04006EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2018/06/09 12:0 a.m.6 views

PT-2018-1834 · Palo Alto Networks +9 · Pan-Os +12

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.9 and later PAN-OS versions prior to 6.1.22 PAN-OS versions prior to 7.1.20 PAN-OS versions prior to 8.0.13 PAN-OS versions prior to 8.1.5 Arista EOS affected versions not specified vEOS affected versions not specified...

8.4CVSS7.4AI score0.7354EPSS
Exploits93References910
Zero Day Initiative
Zero Day Initiative
added 2017/11/21 12:0 a.m.25 views

VMware Workstation NAT IP Fragment Reassembly Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

6.2CVSS3.9AI score0.00436EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/09/29 12:0 a.m.32 views

Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability

A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...

7.8CVSS7.6AI score0.02868EPSS
Exploits0References1
Prion
Prion
added 2008/02/29 11:44 a.m.18 views

Design/Logic Flaw

Unspecified vulnerability in the Internet Protocol IP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service panic via unknown vectors, possibly related to ICMP packets and IP fragment reassembly...

6.8CVSS7AI score0.02302EPSS
Exploits0References8Affected Software2
NVD
NVD
added 2008/02/29 11:44 a.m.22 views

CVE-2008-1095

Unspecified vulnerability in the Internet Protocol IP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service panic via unknown vectors, possibly related to ICMP packets and IP fragment reassembly...

6.8CVSS6.8AI score0.02302EPSS
Exploits0References8
Rows per page
Query Builder