Lucene search
K

67 matches found

NVD
NVD
added 2012/05/24 11:55 p.m.21 views

CVE-2011-3188

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

9.1CVSS8.7AI score0.05798EPSS
Exploits0References9
Cvelist
Cvelist
added 2012/05/24 11:0 p.m.35 views

CVE-2011-3188

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

8.8AI score0.05798EPSS
Exploits0References9
CVE
CVE
added 2012/05/24 11:0 p.m.974 views

CVE-2011-3188

CVE-2011-3188 affects the Linux kernel prior to 3.1, where IPv4 and IPv6 sequence numbers/Fragment IDs are generated with a modified MD4. This predictable value generation enables remote attackers to cause DoS or hijack sessions by crafting packets. The vulnerability is mitigated by upgrading the...

9.1CVSS8.7AI score0.05798EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2011/11/22 4:36 p.m.6 views

kernel: net: improve sequence number generation

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

9.1CVSS7.4AI score0.05798EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2011/08/25 12:0 a.m.38 views

CVE-2011-3188

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

9.1CVSS7.2AI score0.05798EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2009/09/02 12:0 a.m.39 views

Google Chrome 'JavaScript' And 'HTTPS' Multiple Vulnerabilities - Aug09

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnaug09.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome 'JavaScript' And 'HTTPS' Multiple Vulnerabilities - Aug09 Authors: Sharath S Copyright: Copyrig...

10CVSS1AI score0.05038EPSS
Exploits0References3
Prion
Prion
added 2009/08/27 5:30 p.m.29 views

Design/Logic Flaw

Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the 1 MD2 or 2 MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409...

6.4CVSS6.1AI score0.04506EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2009/08/27 5:30 p.m.39 views

CVE-2009-2973

Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the 1 MD2 or 2 MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409...

6.4CVSS5.7AI score0.00932EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/08/27 5:0 p.m.35 views

CVE-2009-2973

Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the 1 MD2 or 2 MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409...

5.9AI score0.00932EPSS
Exploits0References5
CVE
CVE
added 2009/08/27 5:0 p.m.102 views

CVE-2009-2973

CVE-2009-2973 affects Google Chrome prior to 2.0.172.43, where SSL connections to a site with an X.509 certificate signed using MD2 or MD4 could be spoofed by a man-in-the-middle. This is related to CVE-2009-2409. Connected documents indicate MD2/MD4 hash-signature weaknesses and that mitigations...

6.4CVSS5.7AI score0.00932EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2009/08/27 5:0 p.m.59 views

CVE-2009-2973

Removed by vendor...

6.4CVSS7AI score0.00932EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/08/26 12:0 a.m.42 views

Google Chrome < 2.0.172.43 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 2.0.172.43. Such versions are reportedly affected by multiple issues : - A flaw in the V8 JavaScript engine might allow a specially crafted JavaScript page to access unauthorized data in memory or to execute arbitrary code...

10CVSS7.2AI score0.05038EPSS
Exploits2References6
Saint
Saint
added 2009/08/12 12:0 a.m.50 views

Windows Telnet credential reflection

Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...

10CVSS9.7AI score0.41388EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2009/07/31 2:26 p.m.52 views

Critical: Red Hat Security Advisory: nspr and nss security and bug fix update

Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2009/07/30 10:20 p.m.44 views

Critical: Red Hat Security Advisory: nspr and nss security, bug fix, and enhancement update

Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The packages with this update are identical to the packages...

9.3CVSS7.2AI score0.05741EPSS
Exploits5References5
Saint
Saint
added 2009/07/24 12:0 a.m.37 views

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7AI score0.65934EPSS
Exploits7
seebug.org
seebug.org
added 2008/07/16 12:0 a.m.18 views

S/Key和OPIE数据库漏洞

在使用S/Key或OPIE认证的服务器上存在一个安全漏洞。这个漏洞允许本地用户获得对S/Key或OPIE数据库的访问权。 S/Key是使用一次性口令技术的认证机制。系统管理员可以进行配置,使用户能够通过S/Key认证访问使用login8的任何服务,如Telnet和FTP。制定认证类型的配置文件是/etc/login.conf。 为了配置一个用户能够使用S/Key,管理员或该用户(如果程序是suid root)首先必须使用skeyinit(或keyinit)程序。这个程序初始化S/Key数据库(/etc/skeykeys)中的用户入口项。这个数据库文件包含输入S/Key口令时需要比较的信息...

7.2AI score
Exploits0
Saint
Saint
added 2008/02/22 12:0 a.m.86 views

Novell Client nwspool.dll EnumPrinters buffer overflow

Added: 02/22/2008 CVE: CVE-2008-0639 BID: 27741 OSVDB: 41510 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by a buffer overflow in the EnumPrinters function, allowing remote attackers to execute...

10CVSS8AI score0.23186EPSS
Exploits6
Saint
Saint
added 2007/12/24 12:0 a.m.50 views

Samba lsa_io_trans_names buffer overflow

Added: 12/24/2007 CVE: CVE-2007-2446 BID: 24195 OSVDB: 34699 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A vulnerability in the LSA RPC interface allows a remote attacker to execute...

10CVSS9.2AI score0.77806EPSS
Exploits23
Saint
Saint
added 2007/08/10 12:0 a.m.36 views

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

10CVSS8AI score0.0717EPSS
Exploits6
Rows per page
Query Builder