EUVD-2000-0288

Malware in sbrugna...

Information Disclosure

libvirt is vulnerable to information disclosure. It was found that libvirt created insecure iptables rules on the host when a guest system was configured for IP masquerading, allowing the guest to use privileged ports on the host when accessing network resources. A privileged guest user could use...

ICMP IP Tunnel: ICMPTunnel

icmptunnel works by encapsulating your IP traffic in ICMP echo packets and sending them to your own proxy server. The proxy server decapsulates the packet and forwards the IP traffic. The incoming IP packets which are destined for the client are again encapsulated in ICMP reply packets and sent...

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

It was found that libvirt did not set the user-defined backing store format when creating a new image, possibly resulting in applications having to probe the backing store to discover the format. A privileged guest user could use this flaw to read arbitrary files on the host. CVE-2010-2239 It was...

CentOS Update for libvirt CESA-2010:0615 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

libvirt security update

CentOS Errata and Security Advisory CESA-2010:0615 Updated libvirt packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVS...

Low: Red Hat Security Advisory: libvirt security and bug fix update

Updated libvirt packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Debian Security Advisory DSA 389-1 (ipmasq)

The remote host is missing an update to ipmasq announced via advisory DSA 389-1. OpenVAS Vulnerability Test $Id: deb3891.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 389-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-389)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-389 ipmasq - insecure packet filtering rules

Bulletin has no description...

Linux kernel IP Masquerading "destination loose" (DLOOSE) configuration passes arbitrary UDP traffic

Overview The default configuration of the IP Masquerade feature of certain Linux 2.2 kernels may allow unsolicited inbound UDP packets to traverse a NAT gateway and reach a translated network. Description As defined in RFC 1631, Network Address Translation NAT provides a means to translate a loca...

CVE-2001-1056

IRC DCC helper in the ipmasqirc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid...

[RAZOR] Linux kernel IP masquerading vulnerability

RAZOR Advisory Author: Michal Zalewski [email protected] Issue Date: July 30, 2001 Topic: A remotely exploitable IP masquerading vulnerability in the Linux kernel can be used to penetrate protected private networks. Affected Platforms: Linux 2.0, Linux 2.2, and possibly other systems...

CVE-2001-1056

IRC DCC helper in the ipmasqirc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid...

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection...

CVE-2000-0289

Summary: CVE-2000-0289 concerns the Linux kernel IP Masquerade (NAT) feature on 2.2.x, where the UDP DLOOSE behavior can allow an attacker to send arbitrary UDP packets to hosts behind a vulnerable NAT by matching only destination IP/port, potentially affecting existing sessions. What is affected...

Ipchains!

Ipchains buffer overflow with debian 2.2.10 Kernel. -------------------------------------------------- there is a buffer overflow hang in linux debian distributin kernel 2.2.10 with ipchains 1.3.8, 27-Oct-1998. here is the explanation. We tested with a linux running with debian above version of...

Security Problems with Linux 2.2.x IP Masquerading

Security Problems with Linux 2.2.x IP Masquerading Summary: Due to lax checking in the masquerading kernel code, an attacker is able to rewrite a linux masq gateway's UDP masquerading entries so that the remote host and port are whatever they choose. This creates a tunnel between whatever host an...

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection...