CVE-2018-0056

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...

CVE-2018-0056

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...

Code injection

Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...

MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...

Code injection

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...

CVE-2018-0056 MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...

CVE-2018-0058 MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Denial of Service

Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...

CVE-2018-0056

The CVE describes an issue in Juniper Networks Junos OS on MX Series devices with l2-backhaul VPN configured. The Layer 2 Address Learning Daemon (L2ALD) may crash when deleting a duplicate MAC address learned on two different interfaces if the entry is not found in the internal MAC address table...

mx-fiesta.com XSS vulnerability

Open Bug Bounty ID: OBB-676198 Description| Value ---|--- Affected Website:| mx-fiesta.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

New Relic: DNS misconfiguration on email.alerts.newrelic.com

While checking the subdomains i found that the subdomain email.alerts.newrelic.com upon navigating downloads a file saying "Mailgun Magnificent API" And has the following DNS info screenshot attached The problem lies in this issue: You add the domain email.alerts.newrelic.com to Mailgun Mailgun...

proyectoscemer.morelos.gob.mx XSS vulnerability

Open Bug Bounty ID: OBB-610708 Description| Value ---|--- Affected Website:| proyectoscemer.morelos.gob.mx Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Denial of Service Vulnerability in MXProgrammer Software

MXProgrammer software is a windows desktop software of Weihai Mack Electric Technology Co., Ltd. which is used to communicate with its MX series PLC products and complete the functions of program writing and downloading. A denial of service vulnerability exists in the MXProgrammer software. The...

Design/Logic Flaw

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

CVE-2018-9846

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

CVE-2018-9846

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

CVE-2018-9846

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

ID-entify - Search for information related to a domain (Emails, Domains, Information on WEB technology, Type of Firewall, NS and MX records)

ID-entify is a tool that allows you to search for information in the passive way related to a domain. Developed By Carlos Ramírez López. SEARCH FOR INFORMATION RELATED TO A DOMAIN: Emails IP addresses Domains Information on WEB technology Type of Firewall NS and MX records Nmap to IP addresses an...

File Upload Vulnerability in Longcai MX

Longcai MX is a marketing website that caters to consumer needs and buying desires. A file upload vulnerability exists in Loncai MX, where an attacker can construct an upload form to upload a file, and at the same time grab packets to modify the file suffix to further gain control of the web serv...

Juniper Networks Junos OS Denial of Service Vulnerability (CNVD-2018-02839)

Juniper SRX Series and MX Series with Service PICs are Juniper Networks firewall appliances.Junos OS is the operating system that runs on them. A denial of service vulnerability exists in the Junos OS in Juniper SRX Series and MX Series with Service PIC appliances. An attacker can exploit this...

Memory corruption

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in...