2811 matches found
CVE-2017-8338
A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 used for L2TP over IPsec, preventing the affected router from accepting new connections; all devices will be disconnected from the router a...
PWN2OWN 2017 the Linux kernel to mention the right vulnerability analysis-vulnerability warning-the black bar safety net
! 0. Foreword In 2017, the PWN2OWN contest, the long Pavilion security research lab Chaitin Security Research Lab successfully demonstrates Ubuntu 16.10 Desktop of the local extraction rights. This attack mainly use the linux kernel IPSEC frameworkfrom linux2. 6 Start supportin a memory bounds...
EulerOS 2.0 SP1 : python (EulerOS-SA-2016-1090)
According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximate...
Weblate: demo.weblate.org is vulnerable to SWEET32 Vulnerability
Cryptographic protocols like TLS, SSH, IPsec, and OpenVPN commonly use block cipher algorithms, such as AES, Triple-DES, and Blowfish, to encrypt data between clients and servers. To use such algorithms, the data is broken into fixed-length chunks, called blocks, and each block is encrypted...
Cisco ASA Software IPsec Packet Handling DoS (cisco-sa-20170419-asa-ipsec)
According to its self-reported version and configuration, the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by a denial of service vulnerability in the IPsec code due to improper parsing of malformed IPsec packets. An authenticated, remote attacker can...
CVE-2017-6609
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
Design/Logic Flaw
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
CVE-2017-6609
CVE-2017-6609 affects Cisco ASA Software IPsec handling. The vulnerability stems from improper parsing of malformed IPsec packets in the IPsec code, requiring an authenticated, remote attacker to establish a valid IPsec tunnel and send crafted traffic to the affected system. Exploitation can caus...
CVE-2017-6609
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
Cisco ASA Software IPsec Denial of Service Vulnerability (cisco-sa-20170419-asa-ipsec)
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Cisco ASA Software IPsec Denial of Service Vulnerability
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
PT-2017-17180 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.17.8 Cisco ASA Software versions prior to 9.24.15 Cisco ASA Software versions prior to 9.44 Cisco ASA Software versions prior to 9.53.2 Cisco ASA Software versions prior to 9.62 Description: A...
Windows IPSec Denial of Service Vulnerability
A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate...
SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:0719-1)
This update for java-171-ibm fixes the following issues: Security issue fixed : - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for...
SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2017:0720-1)
This update for java-171-ibm fixes the following issues: Security issue fixed : - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for...
Code injection
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...
CVE-2017-6297
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...
CVE-2017-6297
The CVE-2017-6297 entry concerns MikroTik RouterOS L2TP Client in versions 6.83.3 and 6.37.4. The vulnerability arises because IPsec encryption is not enabled after a reboot, enabling man-in-the-middle attackers to view unencrypted data and potentially access networks on the L2TP server by monito...
Information disclosure
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...
CVE-2016-8492
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption...