478 matches found
CVE-2024-56073
An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...
PT-2024-9990 · Unknown · Fastnetmon Community Edition
Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions 1.2.7 and earlier Description: An issue was discovered that allows remote attackers to cause a denial of service. This is due to zero-length templates for Netflow v9, which can lead to a divide-by-zero...
Plixer Scrutinizer NetFlow And SFlow Analyzer HTTP Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass', 'Description' = %q This will add an administrative account to...
ManageEngine NetFlow Analyzer Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine NetFlow Analyzer Arbitrary File Download', 'Description' = %q This module exploits an arbitrary file download vulnerability in...
CVE-2024-35304
System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...
CVE-2024-35304
System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...
CVE-2024-35304
CVE-2024-35304 describes a system command injection in Pandora FMS, triggered by the Netflow function due to improper input validation. Affected versions are Pandora FMS 700 up to, but not including, 777. The vulnerability can allow an attacker to execute arbitrary system commands remotely over t...
CVE-2024-35304 System command injection through Netflow function
System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...
ManageEngine NetFlow Analyzer 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass
The version of ManageEngine NetFlow Analyzer running on the remote web server 12.5.x prior to 12.5.657, or 12.6.x prior to 12.6.002 / 12.6.104 / 12.6.118. It is, there, affected by an authentication bypass vulnerability. Due to the lack of proper request handling an unauthenticated, remote attack...
VulnCheck KEV: CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access...
Scrutinizer NetFlow & sFlow Analyzer SQL Injection Vulnerability
Plixer Scrutinizer NetFlow & sFlow Analyzer is a network traffic analysis system from Plixer, USA. The system provides traffic monitoring, context forensics, and security analysis. A security vulnerability exists in Scrutinizer NetFlow & sFlow Analyzer versions prior to 19.3.1, which stems from a...
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot aka QBot malware have set up 15 new command-and-control C2 servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed tha...
The vulnerability of the implementation of the IPv6 protocol in software for network monitoring tools such as OpManager, OpManager MSP, OpManager Plus, Network Configuration Manager, OpUtils, and the network traffic analyzer NetFlow Analyzer allows a attacker to execute arbitrary code.
The vulnerability of the IPv6 protocol implementation in software for network monitoring tools such as OpManager, OpManager MSP, OpManager Plus, Network Configuration Manager, OpUtils, and the network traffic analyzer NetFlow Analyzer is related to insufficient validation of input data during...
K16939: Multiple Wireshark vulnerabilities
Security Advisory Description Description CVE-2014-6421 Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP...
SUSE CVE-2014-6424
The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...
SUSE CVE-2016-10363
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...
SUSE CVE-2021-3635
A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...
Fedora: Security Advisory for fastnetmon (FEDORA-2022-18023b665f)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 37 Update: fastnetmon-1.2.1-4.20220528git420e7b8.fc37
DDoS detection tool with sFlow, Netflow, IPFIX and port mirror support...
[SECURITY] Fedora 36 Update: fastnetmon-1.2.1-2.20220528git420e7b8.fc36
DDoS detection tool with sFlow, Netflow, IPFIX and port mirror support...