21 matches found
EUVD-2002-1726
Malware in sbrugna...
CVE-2024-41199
An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet...
CVE-2013-1209
The encryption functionality in the Virtual Supervisor Module VSM to Virtual Ethernet Module VEM communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM packets, which allows remote attackers to disable packet-level encryption and integrity protection via...
CVE-2025-46628
The CVE concerns Tenda RX2 Pro with a vulnerability in the ate management service. Lack of input validation/sanitization in the ate service allows an unauthorized remote attacker to gain root shell access by sending a crafted UDP packet while the service is enabled, with no authentication require...
D-Link Dir-X1860 Denial of Service Vulnerability (CNVD-2022-38536)
The D-Link Dir-X1860 is a dual-band router from D-Link, a Chinese company. The D-Link DIR-X1860 suffers from a denial-of-service vulnerability that stems from the lack of HTTP packet authentication and filtering in the software web application leading to HTTP smuggling attacks, which can be...
Cisco Catalyst 9000 Denial of Service Vulnerability
The Cisco Catalyst 9000 is a switch from the American company Cisco. A security vulnerability exists in the Cisco Catalyst 9000 Family Wireless Controllers that stems from insufficient CAPWAP packet authentication. An attacker could exploit the vulnerability to cause a denial of service DoS...
Siemens SIMATIC S7-300 CPU Denial of Service Vulnerability (CNVD-2019-00986)
The Siemens SIMATIC S7-300 CPU is a modular general-purpose controller from Siemens for the manufacturing industry. A denial of service vulnerability exists in the Siemens SIMATIC S7-300 CPU. The vulnerability is caused due to a failure of the affected CPU to properly authenticate S7 communicatio...
PWN2OWN 2017 the Linux kernel to mention the right vulnerability analysis-vulnerability warning-the black bar safety net
! 0. Foreword In 2017, the PWN2OWN contest, the long Pavilion security research lab Chaitin Security Research Lab successfully demonstrates Ubuntu 16.10 Desktop of the local extraction rights. This attack mainly use the linux kernel IPSEC frameworkfrom linux2. 6 Start supportin a memory bounds...
ntp: libntp message digest disclosure
A flaw was found in the way NTP's libntp performed message authentication. An attacker able to observe the timing of the comparison function used in packet authentication could potentially use this flaw to recover the message digest...
Debian DLA-559-1 : ntp security update
Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs : CVE-2015-7974 Matt Street discovered that insufficient key validation allows impersonation attacks between authenticated peers. CVE-2015-7977 / CVE-2015-7978 Stephen Gray discovered that a NULL...
[SECURITY] [DSA 3629-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3629-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2016 https://www.debian.org/security/faq -...
DSA-3629-1 ntp - security update
Bulletin has no description...
DLA-559-1 ntp - security update
Bulletin has no description...
ntp: libntp message digest disclosure
A flaw was found in the way NTP's libntp performed message authentication. An attacker able to observe the timing of the comparison function used in packet authentication could potentially use this flaw to recover the message digest...
CVE-2016-1567
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."...
[SECURITY] [DSA 3223-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3223-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 12, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3223-1 (ntp - security update)
Multiple vulnerabilities were discovered in ntp, an implementation of the Network Time Protocol: CVE-2015-1798 When configured to use a symmetric key with an NTP peer, ntpd would accept packets without MAC as if they had a valid MAC. This could allow a remote attacker to bypass the packet...
DSA-3223-1 ntp - security update
Bulletin has no description...
CVE-2002-1755
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...
CVE-2002-1747
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...