Microsoft Windows Layer 2 Tunneling Protocol 竞争条件问题漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in the Microsoft Windows Layer 2 Tunneling Protocol, which can be exploited by an attacker to remotely execute code...

Microsoft Windows Layer 2 Tunneling Protocol 竞争条件问题漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in the Microsoft Windows Layer 2 Tunneling Protocol, which can be exploited by an attacker to remotely execute code...

Microsoft Windows Layer 2 Tunneling Protocol 竞争条件问题漏洞

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A remote code execution vulnerability exists in the Microsoft Windows Layer 2 Tunneling Protocol, which can be exploited by an attacker to remotely execute code...

PT-2023-5967 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Windows operating systems, specifically involving the use of memory after it has been freed. This can...

PT-2023-5964 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Windows operating systems, specifically involving the use of memory after it has been freed. This can...

PT-2023-5973 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Windows operating systems, specifically involving the use of memory after it has been freed. This can...

PT-2023-5965 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Windows operating systems, specifically involving the use of memory after it has been freed. This can be...

PT-2023-5966 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Layer 2 tunneling protocol in Windows operating systems. This can be exploited by...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The most serious vulnerability with reference CVE-2023-35349 is in Microsoft Message Queueing MSQS. This vulnerability allows an unauthenticated remote malicious person to execute arbitrary execute arbitrary code with service privileges. MSMQ is...

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in the Cisco IOS XE operating system allows a hacker to induce a service failure.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in the Cisco IOS XE operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

PT-2023-9463 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the handling of transhdrlen in the ip,6 append data function. Including transhdrlen in the length is a problem when the packet is partially filled, as it can...

CVE-2023-20227

A vulnerability in the Layer 2 Tunneling Protocol L2TP feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could explo...

Cisco IOS XE Software Security Vulnerability

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a flaw in th...

PT-2023-5645 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Layer 2 Tunneling Protocol L2TP feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS...

CVE-2023-20169

A vulnerability in the Intermediate System-to-Intermediate System IS-IS protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to...

The vulnerability of the l2cap_sock_release function (net/bluetooth/l2cap_sock.c) in the Linux operating system’s kernel allows a attacker to cause a service failure or exert other adverse effects.

The vulnerability of the l2capsockrelease function net/bluetooth/l2capsock.c in Linux operating system kernels is related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to cause service failures or have other adverse effects...

The vulnerability of the Windows operating system’s Layer-2 Bridge network driver allows a hacker to execute arbitrary code.

The vulnerability of the Layer-2 Bridge network driver for Windows operating systems exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Windows operating system’s Layer-2 Bridge network driver allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows Layer-2 Bridge network driver is related to information disclosure. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges...

CVE-2023-36840

A Reachable Assertion vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service DoS. On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and...