22 matches found
EUVD-2002-0506
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414662)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414662 advisory. An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker ...
CVE-2002-2058
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IPs visiting the site by dividing each octet by the MD5 hash of '20'...
In the Linux kernel before 5.1.7 a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g. UDP and ICMP). When such traffic is sent to multiple destination IP addresses it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
...
SUSE CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols e.g....
CVE-2021-4226
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
Design/Logic Flaw
RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
aSYNcrone - A SYN Flood DDoS Tool
aSYNcrone is a C language based, multifunction SYN Flood DDoS Weapon. Disable the destination system by sending a SYN packet intensively to the destination. aSYNcrone's POWER!!! USAGE git clone https://github.com/fatih4842/aSYNcrone.git cd aSYNcrone gcc aSYNcrone.c -o aSYNcrone -lpthread...
Kernel: net: weak IP ID generation leads to remote device tracking
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe a weak IP ID generation in this field to track Linux devices...
USN-4114-1 linux, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. CVE-2019-10638 Praveen Pandey discovered that the Linux kernel did not...
UBUNTU-CVE-2019-10639
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols e.g....
UBUNTU-CVE-2014-7284
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by...
Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure
The remote host appears to be running a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero (0). With this information, an attacker could mount further, more targeted attacks against this host. Note that RedHat does not consider this a...
security flaw
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks...
Relative IP Identification number change
The remote host uses non-random IP IDs, that is, it is possible to predict the next value of the ipid field of the IP packets sent by this host.
CVE-2002-2058
TeeKai Tracking Online 1.0 is affected by a weak encryption flaw in the stored web usage statistics (data/userlog/log.txt) that enables remote attackers to identify visiting IPs by dividing each octet by the MD5 hash of '20'. The Red Hat advisory and PT-Security notes corroborate the vulnerabilit...
CVE-2002-2058
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IPs visiting the site by dividing each octet by the MD5 hash of '20'...
CVE-2002-2057
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/memberlog.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IPs visiting the site by dividing each octet by the MD5 hash of '20'...