CVE-2006-5201

CVE-2006-5201 affects Sun Solaris components (notably NSS, NSS-based libraries, Java JDK/JRE, JSSE, IPSec/IKE, and related Sun products). The root cause is when using an RSA key with exponent 3 that removes PKCS #1 padding prior to hash generation, enabling remote attackers to forge a PKCS #1 v1....

The latest MS06040 exploits-vulnerability warning-the black bar safety net

| Latest MS06040 exploits Microsoft Windows Server service remote buffer overflow vulnerability MS06-0 4 0 Released Do not irrigate. Otherwise deletes the ID...date: 2006-08-08 Update Do not irrigate. Otherwise deletes the ID...date: 2006-08-09 Affected system: Microsoft Windows XP SP2 Microsoft...

SIP over TLS: X.509 peer authentication vulnerability in Ingate products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SIP over TLS: X.509 peer authentication vulnerability in Ingate products ======================================================================== Product: Ingate Firewall and Ingate SIParator Versions: all current versions Tracking ID: 2829 Summary...

CentOS 3 / 4 : wireshark (CESA-2006:0658)

New Wireshark packages that fix various security vulnerabilities are now available. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Bugs were found in...

RHEL 2.1 / 3 / 4 : wireshark (RHSA-2006:0658)

New Wireshark packages that fix various security vulnerabilities are now available. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Bugs were found in...

DSA-1175-1 isakmpd

Bulletin has no description...

Low: Red Hat Security Advisory: wireshark security update

New Wireshark packages that fix various security vulnerabilities are now available. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Bugs were found in...

CVE-2006-4613

Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a denial of service via unspecified vectors involving 1 IPSec replay windows and 2 the use of vulnerable versions of ClamAV before 0.88.4. NOTE: it is possible that vector 2 is related to CVE-2006-4018...

CVE-2006-4613

Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a denial of service via unspecified vectors involving 1 IPSec replay windows and 2 the use of vulnerable versions of ClamAV before 0.88.4. NOTE: it is possible that vector 2 is related to CVE-2006-4018...

CVE-2006-4613

CVE-2006-4613 affects SnapGear before 3.1.4u1, with denial-of-service via IPSec replay window and via vulnerable ClamAV before 0.88.4; the latter (CVE-2006-4018) is a UPX-handling heap overflow in ClamAV that can crash the scanner or allow remote code execution. Some sources note vector 2 may be ...

GLSA-200608-26 : Wireshark: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200608-26 Wireshark: Multiple vulnerabilities The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default;...

CVE-2006-4436

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations SA with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection...

CVE-2006-4436

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations SA with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection...

CVE-2006-4436

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations SA with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection...

CVE-2006-4436

CVE-2006-4436 affects OpenBSD’s isakmpd (SAK/ISAKMP daemon) in OpenBSD 3.8, 3.9 and possibly earlier. The flaw causes Security Associations to be created with a replay window of 0 when isakmpd acts as the responder during SA negotiation, enabling remote attackers to replay IPsec packets and bypas...

CVE-2006-4436

isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations SA with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection...

Wireshark: Multiple vulnerabilities

Background Wireshark is a feature-rich network protocol analyzer. Description The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default; secondly, the SCSI dissector is...

CVE-2006-4436

Removed by vendor...

CVE-2006-4331

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...

CVE-2006-4331

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...