Lucene search
K

105 matches found

CNVD
CNVD
added 2016/04/18 12:0 a.m.3 views

Midea's M-Smart smart socket has design logic flaws

M-Smart Smart Socket is a smart home appliance developed by Midea Group. Midea's M-Smart Smart Socket is susceptible to man-in-the-middle attacks due to insecure protocols for transmitting data and lack of validation of what is transmitted on the client and server side. The lack of effective...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/01/25 1:45 p.m.12 views

ntp: missing check for zero originate timestamp

It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements...

5.3CVSS7.3AI score0.06255EPSS
Exploits2References6
OSV
OSV
added 2016/01/04 5:59 a.m.4 views

UBUNTU-CVE-2015-8741

The dissectppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.5CVSS6.4AI score0.01407EPSS
Exploits0References5
OSV
OSV
added 2013/04/26 4:55 p.m.8 views

CVE-2013-1428

Stack-based buffer overflow in the receivetcppacket function in netpacket.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service crash or possibly execute arbitrary code via a large TCP packet...

7.8AI score
Exploits0References12
OSV
OSV
added 2008/01/03 10:46 p.m.7 views

CVE-2008-0061

MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name CNAME record from resolving, aka "improper rotation of resource records."...

6.3AI score
Exploits0References10
OSV
OSV
added 2007/09/27 8:17 p.m.8 views

CVE-2007-5135

Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...

9.7AI score
Exploits0References75
OSV
OSV
added 2007/07/18 5:30 p.m.6 views

CVE-2007-3764

The Skinny channel driver chanskinny in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a certain data length value...

6.3AI score
Exploits0References12
RedHat Linux
RedHat Linux
added 2004/09/22 6:8 p.m.25 views

Important: Red Hat Security Advisory: samba security update

Updated samba packages that fix two denial of service vulnerabilities are now available. Updated 23rd September 2004 Packages have been updated to include the ppc64 packages which were left out of the initial errata. Samba provides file and printer sharing services to SMB/CIFS clients. The Samba...

5CVSS7.3AI score0.05498EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/05/21 12:0 a.m.49 views

TCP RST packets spoofing

By sending spoofed RST it's possible to terminate established TCP connection. unlike TPC hijacking attacks there is no need for exact TCP sequence number, and number can be any number from handshaked TCP window. It significantly increases attack efficiency. In NetBSD sequence number for RST is no...

2AI score
Exploits0References5Affected Software11
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.22 views

CVE-2004-0247

The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service crash via exception via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory...

6.6AI score0.03438EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.23 views

CVE-2002-1071

ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services crash via a TCP packet with both the SYN and ACK flags set...

6.6AI score0.03318EPSS
Exploits1References5
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.19 views

CVE-2002-0886

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service hang or memory consumption via 1 a large packet to the DHCP port, 2 a large packet to the Telnet port, or 3 a flood of large packets to the CPE, which causes the TCP/IP stack to consume large...

6.8AI score0.0537EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.27 views

Cisco IOS ARP Table Overwrite DoS (CSCdu81936)

It is possible to send an Address Resolution Protocol ARP packet on a local broadcast interface for example, Ethernet, cable, Token Ring, FDDI which could cause a router or switch running specific versions of Cisco IOS Software Release to stop sending and receiving ARP packets on the local router...

5CVSS5.5AI score0.0235EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/12/19 12:0 a.m.30 views

Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS

On Friday 14 December 2001 12:08, Przemyslaw Frasunek wrote: The workaround is to switch off routing and put device in bridging mode. Zyxel support has been notified, I won't release details of attack, until ZyNOS will be patched. I haven't received any response from Zyxel helpdesk so time to...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2000/12/14 12:0 a.m.49 views

ISSalert: Internet Security Systems Security Advisory: Multiple vulnerabilities in the WatchGuard SOHO Firewall

TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...

10CVSS0.2AI score0.06212EPSS
Exploits3
exploitpack
exploitpack
added 2000/05/18 12:0 a.m.14 views

Axent NetProwler 3.0 - IP Packets Denial of Service (1)

Axent NetProwler 3.0 - IP Packets Denial of Service 1 // source: https://www.securityfocus.com/bid/1225/info Axent NetProwler 3.0 IDS is vulnerable to a malformed packet attack. It will crash if the Man-in-the-Middle signature encounters a packet for which the following expression is true:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2000/05/18 12:0 a.m.20 views

Axent NetProwler 3.0 - IP Packets Denial of Service (2)

Axent NetProwler 3.0 - IP Packets Denial of Service 2 source: https://www.securityfocus.com/bid/1225/info Axent NetProwler 3.0 IDS is vulnerable to a malformed packet attack. It will crash if the Man-in-the-Middle signature encounters a packet for which the following expression is true:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/18 12:0 a.m.31 views

Axent NetProwler 3.0 - IP Packets Denial of Service (2)

source: https://www.securityfocus.com/bid/1225/info Axent NetProwler 3.0 IDS is vulnerable to a malformed packet attack. It will crash if the Man-in-the-Middle signature encounters a packet for which the following expression is true: IPHEADERLENGTH + TCPHEADERLENGTH IPTOTALLENGTH According to Axe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/18 12:0 a.m.29 views

Axent NetProwler 3.0 - IP Packets Denial of Service (1)

// source: https://www.securityfocus.com/bid/1225/info Axent NetProwler 3.0 IDS is vulnerable to a malformed packet attack. It will crash if the Man-in-the-Middle signature encounters a packet for which the following expression is true: IPHEADERLENGTH + TCPHEADERLENGTH IPTOTALLENGTH According to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/05/17 12:0 a.m.48 views

disable.tcpdump

Greetings. There is a way to disable tcpdump running on a remote host. By sending a carefully crafted UDP packet on the network which tcpdump monitors, it is possible, under certain circonstances, to make tcpdump fall into an infinite loop. This undesired behaviour has serious consequences for an...

7.4AI score
Exploits0
Rows per page
Query Builder