Microsoft Windows Multiple Vulnerabilities (KB4462922)

This host is missing a critical security update according to Microsoft KB4462922 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB4462941: Windows 8.1 and Windows Server 2012 R2 October 2018 Security Update

The remote Windows host is missing security update 4462941 or cumulative update 4462926. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in...

KB4462918: Windows 10 Version 1709 and Windows Server Version 1709 October 2018 Security Update

The remote Windows host is missing security update 4462918. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS...

KB4462922: Windows 10 October 2018 Security Update

The remote Windows host is missing security update 4462922. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...

KB4462937: Windows 10 Version 1703 October 2018 Security Update

The remote Windows host is missing security update 4462937. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...

KB4462917: Windows 10 Version 1607 and Windows Server 2016 October 2018 Security Update

The remote Windows host is missing security update 4462917. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker...

Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018

On August 14, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland NCSC-FI and the CERT Coordination Center CERT/CC disclosed a vulnerability in the IP stack that is used by the Linux Kernel. This vulnerability is publicly known as FragmentSmack. The...

CVE-2017-9312

Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately...

Command-line Network Packet Crafting and Injection Utility: nemesis

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP,...

Fast and More Efficient Stateless SYN Scanner And Banner Grabber: PolarBearScan

polarbearscan is an attempt to do faster and more efficient banner grabbing and port scanning. It combines two different ideas which hopefully will make it somewhat worthy of your attention and time. The first of these ideas is to use stateless SYN scanning using cryptographically protected cooki...

pbscan - Faster And More Efficient Stateless SYN Scanner And Banner Grabber

polarbearscan is an attempt to do faster and more efficient banner grabbing and port scanning. It combines two different ideas which hopefully will make it somewhat worthy of your attention and time. The first of these ideas is to use stateless SYN scanning using cryptographically protected cooki...

CVE-2015-3913

CVE-2015-3913 affects Huawei Campus series switch IP stacks. According to Huawei’s advisory HWPSIRT-2015-02003, the vulnerability arises from improper handling of IP options in the IP stack when processing crafted ICMP requests, which can cause a board reboot (denial of service). Other connected ...

CVE-2015-3913

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service reboot via a crafted ICMP request message...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1426)

The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended...

Updated kernel packages fix security vulnerabilities

This update is based on the upstream 4.4.30 kernel and fixes at least these security issues: The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid...

Important: kernel

Issue Overview: The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers an...

SUSE-SU-2016:2638-1 Security update for Linux Kernel Live Patch 4 for SLE 12 SP1

This update for the Linux Kernel 3.12.57-6035 fixes several issues. The following security bugs were fixed: - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004419. - CVE-2016-8666: The IP stack in the Linux kernel allowed...

CVE-2016-8666

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...

Design/Logic Flaw

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...

Design/Logic Flaw

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...