700 matches found
[SECURITY] Fedora 15 Update: NetworkManager-0.8.9997-5.git20110702.fc15
NetworkManager is a system network service that manages your network devices and connections, attempting to keep active network connectivity when availa ble. It manages ethernet, WiFi, mobile broadband WWAN, and PPPoE devices, and provides VPN integration with a variety of different VPN services...
Design/Logic Flaw
The bondselectqueue function in drivers/net/bonding/bondmain.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default txqueues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a...
Metasploit 3.5.1 adds Cisco device exploitation !
Metasploit now enables security professionals to exploit Cisco devices, performs passive reconnaissance through traffic analysis, provides more exploits and evaluates an organization's password security by brute forcing an ever increasing range of services. This latest release adds stealth...
The Five Key Things to Know About the Security of Your Networking Gear
Measuring the performance and security of your network equipment has never been more important than it is today. While there will always be tradeoffs between maximum throughput and maximum security, I want to emphasize the “and” in “performance and security.” Your devices must perform while...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 23rd February 2010 This update adds references to two KBase articles...
Debian DSA-1351-1 : bochs - buffer overflow
Tavis Ormandy discovered that bochs, a highly portable IA-32 PC emulator, is vulnerable to a buffer overflow in the emulated NE2000 network device driver, which may lead to privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Packeteer Web Management Interface Detection
The remote web server is a Packeteer web management interface. nnposter GPL include"compat.inc"; if description scriptid25568; scriptversion "1.10"; name"english"="Packeteer Web Management Interface Detection"; scriptnameenglish:name"english"; scriptsetattributeattribute:"synopsis", value: "The...
Linux Kernel 2.0.x2.2.x2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x2.2.x2.4.x FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are small...
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are smaller than the minimum frame size should have the unused portion of the frame buffer padded with null or...
CVE-2006-5213
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation network device aggregation...
[VulnWatch] iDefense Security Advisory 01.17.06: Cisco Systems IOS 11 Web Service CDP Status Page Code Injection Vulnerability
Cisco Systems IOS 11 Web Service CDP Status Page Code Injection Vulnerability iDefense Security Advisory 01.17.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=372 January 17, 2006 I. BACKGROUND Cisco IOS Software is the world's leading network infrastructure software,...
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
// source: https://www.securityfocus.com/bid/9795/info An issue in the handling of specific web requests by SureCom network devices has been identified. By placing a malformed request to the web configuration interface, it is possible for an attacker to deny service to legitimate users of a...
Cisco IOS Malformed IPv4 Packet Remote DoS
According to its version number, the remote router or switch is running a vulnerable version of Cisco IOS. Sending a specific sequence of IPv4 packets can cause the input interface to stop accepting traffic. Note that this vulnerability does not affect devices that only use IPv6. C Tenable Networ...
3Com TelnetD
I noticed that there are infinity retries and no delay enabled at 3Com hardware, so I wrote this little Telnetcracker for this problem. I send it to 3Com, but I think they weren't bothered much about that. They sended me a notice to provide hardware serial and my name etc. ....strange... = This...
CVE-1999-0508
An account on a router, firewall, or other network device has a default, null, blank, or missing password...
CVE-1999-0507
An account on a router, firewall, or other network device has a guessable password...
Ascend CascadeView/UX 1.0 tftpd - Symbolic Link
source: https://www.securityfocus.com/bid/910/info The tftpd bundled with CascadeView for Ascend's B-STDX 8000/9000 network devices creates a log in /tmp called tftpdxferstatus.log. If /tmp/tftpdxferstatus.log already exists as a symbolic link, tftpd will follow it and overwrite any data it point...
CVE-1999-0507
An account on a router, firewall, or other network device has a guessable password...
PT-1998-1093 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns an account on a network device, such as a router or firewall, that has a password which can be easily guessed. Recommendations: At the moment, there is no...
CVE-2023-47005
Concrete details link a vulnerability to ASUS RT-AX57 (PT-2023-7096): version 3.0.0.4 386 52041 is affected. The issue arises from insufficient input validation in the sub ln 2C318 function of the router’s microprogram, enabling a remote attacker to execute arbitrary code by crafting a request to...