15 matches found
SUSE CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
CVE-2026-45905 : In the Linux kernel, a race in icmp_route_lookup’s reverse path can cause an ICMP output path to select a LOCAL route due to a faulty call to ip_route_input(). Specifically, during reverse-path handling, ip_route_input() may receive fl4_dec.daddr as destination and return a LOCAL...
EUVD-2008-1342
Malware in sbrugna...
CVE-2023-2385
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ikepolicies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName...
CVE-2023-47209
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-47209
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
Command injection
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-47209
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-2385
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=ikepolicies.htm of the component Web Management Interface. The manipulation of the argument IpsecIKEPolicy.IKEPolicyName...
Check over WMI if IPSec Policy used for Windows - Windows
The script detects over WMI if IPSec Policy used under Windows 2000 and XP. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
smb 0day network penetration and Defense-vulnerability warning-the black bar safety net
This smb 0day vulnerabilities out for a long time, since the bun work is too busy, has not bother to pay attention to it. The vulnerability affects vista, Windows 7 and windows 2 0 0 8, EXP now surely everyone on hand the others also have, it was tested can be very good to attack vista and 2 0 0 ...
Default configuration
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions...
Design/Logic Flaw
The ipsec4getulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fastipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a...
CVE-2008-1335
CVE-2008-1335 affects NetBSD kernel (ipsec4_get_ulp) on 2.0–3.1 and NetBSD-current before 20071028 with fast_ipsec enabled, allowing remote attackers to bypass IPsec policy by sending packets from a source with different endianness than the destination. This is a separate vulnerability from CVE-2...