2805 matches found
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
CVE-2024-42057
CVE-2024-42057 affects Zyxel Zyxel ATP and USG FLEX/USG FLEX 50(W)/USG20(W)-VPN firmware from V4.16–V5.38 (and V4.32–V5.38 for ATP/USG), with an unauthenticated OS command injection via a crafted username. The root cause is in the IPSec VPN feature; successful exploitation requires User-Based-PSK...
Check Point Security Gateway Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Check Point Security Gateway Arbitrary File Read', 'Description' = %q This module leverages an unauthenticated arbitrary root file read...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a memory access problem in the xfrm component in the input error path...
SonicWALL SonicOS IPSec VPN Buffer Overflow Vulnerability
SonicWALL SonicOS IPSec VPN is a VPN solution from SonicWALL USA. SonicWALL SonicOS IPSec VPN suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. A remote attacker could exploit the vulnerability to cause a programmati...
Vulnerability fixed in SonicOS
A vulnerability has been fixed in SonicWall SonicOS IPSec. The vulnerability in SonicWall SonicOS IPSec allows an unauthenticated remote malicious person to cause Denial of Service DoS. SonicWall has made available a workaround and patch to fix the vulnerability. See the reference for more...
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service DoS...
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service DoS...
CVE-2024-40764
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service DoS...
CVE-2024-40764
CVE-2024-40764 affects SonicOS IPSec VPN (SonicWall/SonicOS). The issue is a heap-based buffer overflow caused by a boundary error when processing untrusted input in the IPSec VPN implementation, allowing an unauthenticated remote attacker to trigger a Denial of Service. Multiple sources corrobor...
Heap-based buffer overflow vulnerability in SonicOS IPSec VPN
Heap-based buffer overflow vulnerability in the SonicOS IPSec allows an unauthenticated remote attacker to cause Denial of Service DoS. CVE: CVE-2024-40764 Last updated: Aug. 5, 2024, 9:37 p.m...
EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-1928)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1928)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Acceleration Does Not Work After Cisco ASA 8.x is Configured to Allow TCP Options
Installed Citrix CloudBridge as INLINE in two sites, which are connected through an IPSec VPN using Cisco ASA firewall. The TCP option policy, as suggested in CTX112401 – Acceleration Does Not Take Place for Configured Traffic Types, is applied to ASA, but acceleration still does not work. The...
How to Configure a CloudConnector Between Two NetScaler VPX Appliances Using a Wizard
This article describes how to configure a CloudConnector between two NetScaler VPX appliances on different data centers- Data Center A and Data Center B using a wizard. Background CloudConnector is a feature used to build a cloud-extended data center. You can create bridges to connect one or more...
CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...
CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...
CVE-2024-39545
The CVE describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS iked (on SRX Series, MX Series with SPC3, and NFX350), where unauthenticated network-based attackers can trigger an iked crash during IPsec negotiations by sending specific mismatching parameter...
RHEL 9 : libreswan (RHSA-2024:4431)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4431 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...