Information Disclosure

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...

Rockwell Automation MicroLogix Detection (EtherNet/IP)

Detection of Rockwell Automation MicroLogix PLC SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-865-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Input validation

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...

Debian DLA-865-1 : suricata security update

It was discovered that there was a vulnerability in suricata, an intrusion detection tool; the IP protocol was not being used to match fragments with their packets allowing a carefully constructed packet with a different protocol to be matched, thus creating a packet that would not be re-assemble...

CVE-2017-7177

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...

F5 Networks BIG-IP : libxml2 vulnerability (K14338030)

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document. CVE-2016-1762 File data f5bigipSOL14338030.nasl...

Schneider 140NOE77101 Ethernet Module IP Protocol Denial of Service Vulnerability

The 140NOE77101 is an Ethernet communication module for Schneider's Quantum series PLCs. A denial of service vulnerability exists in the 140NOE77101 Ethernet module IP protocol, which occurs when the NOE module receives all segmented and reorganized messages with a total length exceeding 65535...

Moxa OnCell Security Vulnerabilities

OVERVIEW Independent researcher Maxim Rupp has identified authorization bypass and disclosed OS commanding vulnerabilities in Moxa’s OnCell Security Software. Moxa has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Th...

Voice over LTE implementations contain multiple vulnerabilities

Overview Long Term Evolution LTE mobile networks are currently deployed through the world. These LTE mobile networks make use of full packet switching and the IP protocol, unlike previous iterations of the mobile network. This change from circuit switching to packet switching allows new attacks n...

Amazon Linux: Security Advisory (ALAS-2012-133)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

RHEL 7 : kernel (RHSA-2015:1534)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1534 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linu...

Moderate: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

CentOS 6 : kernel (CESA-2015:1221)

Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

impacket

Impacket ======== !Latest Versionhttps://img.shields.io/pyp...

KL-001-2015-001 : Windows 2003 tcpip.sys Privilege Escalation

KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

Microsoft Windows Server 2 0 0 3 SP2 - Privilege Escalation-vulnerability warning-the black bar safety net

KL-0 0 1-2 0 1 5-0 0 1 : Microsoft Windows Server 2 0 0 3 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2 0 0 3 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-0 0 1-2 0 1 5-0 0 1 Publication Date: 2015.01.28 Publication URL:...

Microsoft Windows Server 2003 SP2 - Privilege Escalation Exploit

The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile function, it is possible to trigger a vulnerability that would allow an...