Lucene search
K

97 matches found

Cvelist
Cvelist
added 2005/04/21 4:0 a.m.43 views

CVE-2001-1473

The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows th...

6.3AI score0.06268EPSS
Exploits0References2
OSV
OSV
added 2003/09/20 12:0 a.m.17 views

DSA-389 ipmasq - insecure packet filtering rules

Bulletin has no description...

7.5CVSS6.2AI score0.01487EPSS
Exploits0
securityvulns
securityvulns
added 2003/06/10 12:0 a.m.36 views

Linux 2.0 remote info leak from too big icmp citation

---------------------------------------------------------------------- Cartel Sйcuritй --- Security Advisory Advisory Number: CARTSA-20030314 Subject: Linux 2.0 remote info leak from too big icmp citation Author: Philippe Biondi [email protected] Discovered: March 14, 2003 Published: June...

7AI score
Exploits0
CVE
CVE
added 2002/08/31 4:0 a.m.65 views

CVE-2001-1398

The CVE-2001-1398 issue affects the Linux kernel prior to 2.2.19, arising from the masquerading code where packet length checks were lax, potentially enabling kernel memory writes via the CPIA driver off-by-one bug. Confirmed in multiple advisories (Mandrake MDKSA-2001:037 and Debian/Debian DSA-0...

7.5CVSS5.4AI score0.02857EPSS
Exploits0References10Affected Software1
CERT
CERT
added 2002/04/02 12:0 a.m.31 views

Linux kernel IP Masquerading "destination loose" (DLOOSE) configuration passes arbitrary UDP traffic

Overview The default configuration of the IP Masquerade feature of certain Linux 2.2 kernels may allow unsolicited inbound UDP packets to traverse a NAT gateway and reach a translated network. Description As defined in RFC 1631, Network Address Translation NAT provides a means to translate a loca...

5CVSS6.2AI score0.02618EPSS
Exploits1References9
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.31 views

CVE-2001-1056

IRC DCC helper in the ipmasqirc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid...

6.7AI score0.02439EPSS
Exploits0References5
securityvulns
securityvulns
added 2001/07/31 12:0 a.m.60 views

[RAZOR] Linux kernel IP masquerading vulnerability

RAZOR Advisory Author: Michal Zalewski [email protected] Issue Date: July 30, 2001 Topic: A remotely exploitable IP masquerading vulnerability in the Linux kernel can be used to penetrate protected private networks. Affected Platforms: Linux 2.0, Linux 2.2, and possibly other systems...

7.4AI score
Exploits0
NVD
NVD
added 2001/07/30 4:0 a.m.24 views

CVE-2001-1056

IRC DCC helper in the ipmasqirc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid...

7.5CVSS6.7AI score0.02439EPSS
Exploits0References5
CVE
CVE
added 2000/10/13 4:0 a.m.73 views

CVE-2000-0289

Summary: CVE-2000-0289 concerns the Linux kernel IP Masquerade (NAT) feature on 2.2.x, where the UDP DLOOSE behavior can allow an attacker to send arbitrary UDP packets to hosts behind a vulnerable NAT by matching only destination IP/port, potentially affecting existing sessions. What is affected...

5CVSS6.7AI score0.02618EPSS
Exploits1References3Affected Software3
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.37 views

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection...

6.7AI score0.02618EPSS
Exploits1References3
securityvulns
securityvulns
added 2000/08/22 12:0 a.m.92 views

Security Bulletin (MS00-059)

Microsoft Security Bulletin MS00-059 - -------------------------------------- Patch Available for "Java VM Applet" Vulnerability Originally posted: August 21, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the Microsoftr virtual machine Microsoft V...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2000/05/10 12:0 a.m.55 views

Ipchains!

Ipchains buffer overflow with debian 2.2.10 Kernel. -------------------------------------------------- there is a buffer overflow hang in linux debian distributin kernel 2.2.10 with ipchains 1.3.8, 27-Oct-1998. here is the explanation. We tested with a linux running with debian above version of...

2.6AI score
Exploits0
securityvulns
securityvulns
added 2000/04/08 12:0 a.m.35 views

Security Problems with Linux 2.2.x IP Masquerading

Security Problems with Linux 2.2.x IP Masquerading Summary: Due to lax checking in the masquerading kernel code, an attacker is able to rewrite a linux masq gateway's UDP masquerading entries so that the remote host and port are whatever they choose. This creates a tunnel between whatever host an...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2000/04/04 12:0 a.m.36 views

linux-masq-udp.txt

Security Problems with Linux 2.2.x IP Masquerading Summary: Due to lax checking in the masquerading kernel code, an attacker is able to rewrite a linux masq gateway's UDP masquerading entries so that the remote host and port are whatever they choose. This creates a tunnel between whatever host an...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/03/29 12:0 a.m.18 views

Проблемы с маскарадингом в Linux

анализируя ICMP-ответы при сканировании портов, отведенных под маскарадинг по-умолчанию 61000 - 65096 можно обнаружить и перехватить активные UDP-сеансы...

0.5AI score
Exploits0References1
NVD
NVD
added 2000/03/27 5:0 a.m.24 views

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection...

5CVSS6.7AI score0.02618EPSS
Exploits1References3
NVD
NVD
added 1996/02/21 5:0 a.m.18 views

CVE-1999-0143

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys...

4.6CVSS0.00385EPSS
Exploits0References1
Rows per page
Query Builder