Cisco 6000/6500/7600 series systems fail to properly process layer 2 frames

Overview Cisco 6000/6500/7600 series systems with Multilayer Switch Feature Card 2 MSFC2 fail to properly process layer 2 frames. Description Cisco 6000/6500/7600 series systems with MSFC2 contain a vulnerability in the way layer 2 frames are processed in software. By sending a specially crafted...

security flaw

Memory leak in sslengineio.c for modssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service memory consumption via plain HTTP requests to the SSL port of an SSL-enabled server...

security flaw

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service infinite loop, as demonstrated using the Codenomicon TLS Test Tool...

security flaw

The dochangecipherspec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service crash via a crafted SSL/TLS handshake that triggers a null dereference...

security flaw

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service infinite loop, as demonstrated using the Codenomicon TLS Test Tool...

DSA-442 linux-kernel-2.4.17-s390 - several vulnerabilities

Bulletin has no description...

DEBIAN-CVE-2003-1029

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service infinite loop and memory consumption via a packet with invalid data to UDP port 1701, which causes l2tpavpprint to use a bad length value when calling printoctets...

Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability

...

Cisco Security Advisory: Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability Revision 1.0 - FINAL For Public Release 2004 February 03 1600 UTC GMT - ---------------------------------------------------------------------------- Contents Summary...

Cisco IOS 12 MSFC2 - Layer 2 Frame Denial of Service

source: https://www.securityfocus.com/bid/9562/info A problem has been identified in the handling of specific types of traffic by Cisco 6000, 6500, and 7600 routers with the MSFC2 device. Because of this, an attacker could potentially crash a vulnerable system. !/usr/bin/perl Cisco Global Exploit...

Cisco IOS 6000/6500/7600 Series Layer 2 Frame DoS (CSCdy15598, CSCeb56052)

The remote router contains a version of IOS which has multiple flaws when dealing with specially layer 2 packets. CISCO identifies this vulnerability as bug id CSCdy15598 and CSCeb56052. An attacker may use this flaw to render this router inoperable. C Tenable Network Security include"compat.inc"...

DEBIAN-CVE-2002-1568

OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service crash via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENTMASTERKEY messages,...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages for Red Hat Enterprise Linux are now available which address several security vulnerabilities. The Linux kernel handles the basic functions of the operating system. Several security issues have been found that affect the Linux kernel: Al Viro found a security issue in the...

CVE-2003-0247

Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service "kernel oops"...

CVE-2003-0247

CVE-2003-0247: Affects the Linux kernel 2.4 series in the TTY layer, enabling a denial-of-service via a kernel oops. Public docs reference Debian/Red Hat advisories and OpenVAS entries noting missing updates to kernel patches (e.g., 2.4.18-powerpc, 2.4.17-mips) as remediation. The connected docs ...

Mac OS X LDAP plugins transmit user credentials in clear text

Overview Versions 10.2 and later of Apple's MacOS X operating system include support for the Lightweight Directory Access Protocol LDAP. A vulnerability in the way some of these versions of MacOS X handle authentication in certain environments could expose user's passwords in plaintext as they're...

Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577)

According to its banner, the remote VPN concentrator gives out too much information in application layer banners. This vulnerability is documented as Cisco bug ID CSCdu35577. C Tenable Network Security, Inc. Thanks to Nicolas FISCHBACH [email protected] for his help Ref:...

Multiple vendors' firewalls do not adequately keep state of FTP traffic

Overview Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. Description Many...

PT-2002-1876 · Microsoft · Outlook Express For Mac +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 98 through XP Office for Mac affected versions not specified Internet Explorer for Mac affected versions not specified Outlook Express for Mac affected versions not specified Description: The issue concerns the...

security flaw

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via 1 a large client master key in SSL2 or 2 a large session ID in SSL3...