663 matches found
Citrix Receiver on the Internal Network fails to connect to a Store when Remote Access enabled
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Under certain circumstances, while trying to access from a client in the internal network to a...
DEBIAN-CVE-2016-3698
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol NDP messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service network connectivity disruption by advertising a node as a router from a...
MGASA-2016-0185 Updated libndp packages fix CVE-2016-3698
Updated libndp package fixes security vulnerability: Libndp is a library used by NetworkManager that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fixes: It was found that libndp did not properly...
RHEL 7 : libndp (RHSA-2016:1086)
An update for libndp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CentOS 7 : libndp (CESA-2016:1086)
An update for libndp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Fisher-Price Smart Toy platform allows some unauthenticated web API commands
Overview The Fisher-Price Smart Toy does not perform proper authentication of some API commands, and it may also use a vulnerable version of Android. Description The Fisher-Price Smart Toy bear is a new WiFi-connected Internet of Things IoT toy. The device utilizes network connectivity to provide...
A Brief History of the Internet in Northern Virginia
Earlier today I happened to see a short piece from the Bloomberg Businessweek "The Year Ahead: 2016" issue, titled The Best Places to Build Data Centers. The text said the following: Cloud leaders including Amazon.com, Microsoft, Google, IBM, and upstart DigitalOcean are spending tens of billions...
CVE-2015-6988
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement...
Security feature bypass
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement...
CVE-2015-6988
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement...
Social Media Mining: MassMine
MassMine is a social media mining and archiving application that simplifies the process of collecting and managing large amounts of data across multiple sources. It is designed with the researcher in mind, providing a flexible framework for tackling individualized research needs. MassMine is...
Cisco Aironet DHCP Denial of Service Vulnerability
A vulnerability in the DHCP subsystem of Cisco Aironet access points could allow an unauthenticated, adjacent attacker to create a denial of service condition. The vulnerability is due to an error condition that may occur when very short DHCP leases are in use. If an attacker can prevent the acce...
Microsoft Windows 95/98 - NetBIOS NULL Name Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1163/info Unpredictable results, including system crashes, lock-ups, reboots, and loss of network connectivity, can occur in Windows 95/98 if a NetBIOS session packet is received with the source host name set to NULL. /...
U.S. Robotics USR808054 Wireless Access Point Web Administration Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10840/info The USR808054 wireless access point is reported to contain a denial of service vulnerability in its embedded web server. When malicious requests are received by the device, it will reportedly crash, denying...
Check Point Software Firewall-1 3.0/1.4.0/1.4.1 Spoofed Source Denial of Service
No description provided by source. source: http://www.securityfocus.com/bid/1419/info If Checkpoint Firewall-1 receives a number of spoofed UDP packets with Source IP = Destination IP, the firewall and likely the machine hosting it crashes. NOTE: This vulnerability while being posted to Bugtraq i...
PalmOS 3/4 ICMP Flood Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7597/info A problem with PalmOS may result in a denial of service. It has been reported that PalmOS becomes unstable when flooded with ICMP ECHOREQUEST traffic. A remote attacker can trigger a device lockup condition or...
MS14-016: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
A security feature bypass vulnerability exists in Windows due to the Security Account Manager Remote SAMR protocol incorrectly validating the user lockout state. Remote, authenticated attackers can exploit this issue to conduct brute force attacks against user passwords. Note that the host must...
CVE-2014-0674
Cisco Video Surveillance Operations Manager VSOM does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host nam...
CVE-2014-0674
Cisco Video Surveillance Operations Manager VSOM does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host nam...
Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service
BACKGROUND According to the vendor, Netgear ProSafe is a cost-effective line of smart switches for Small and Medium Businesses SMBs. The products cover an essential set of network features and easy-to-use web-based management. Power over Ethernet PoE and Stacking versions are also available. 2...