19 matches found
CVE-2026-38719
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...
PT-2026-41681
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enet encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item count value that is not consistently...
EUVD-2026-30780
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...
CVE-2026-38719
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...
CVE-2026-38719
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...
CVE-2026-38719
OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...
CVE-2026-38719
OpENer 2.3-558-g1e99582 contains an out-of-bounds read in the CPF parser (CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c). A crafted ENIP/CPF message can supply an attacker-controlled item_count that is not consistently validated against the remaining data_length of the CPF sl...
OpENer 缓冲区错误漏洞
OpENer is an open-source industrial Ethernet protocol stack developed by the EIP Stack Group, supporting connections for I/O devices. Version OpENer v2.3-558-g1e99582 contains a buffer error vulnerability. This vulnerability stems from an out-of-bounds read in the CreateCommonPacketFormatStructur...
CVE-2024-38578
In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...
CVE-2024-38578
The CVE-2024-38578 issue is a Linux kernel vulnerability in ecryptfs: the buffer for the TAG 66 packet was 3 bytes too small, causing a potential write past the end (KASAN slab-out-of-bounds). The fix increases the allocation size to ensure the entire packet fits, addressing the bug described in ...
CVE-2024-38578 ecryptfs: Fix buffer size for tag 66 packet
In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...
CVE-2024-38578 ecryptfs: Fix buffer size for tag 66 packet
In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)
Summary The VMware Carbon Black Threat Analysis Unit TAU previously released a blog post documenting the Winnti version 4.0 malware. The new command and control C2 protocol that was implemented in one of the 4.0 samples was completely different from the existing understanding of the 3.0 protocol...
CCN-lite memory leak vulnerability (CNVD-2018-03676)
CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. A memory leak vulnerability exists in the ccnlappRX function in ccnl-uapi.c in versions of CCN-lite prior to 2.0.0. An attacker could cause a denial of service memory consumption by...
Memory corruption
Memory leak in the ccnlappRX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service memory consumption via vectors involving an envelopes structure pointer when the packet format is unknown...
Cold shoulder Wins remote overflow vulnerability-vulnerability warning-the black bar safety net
About this vulnerability Description, The comparison of the official DESCRIPTION is this: the WINS service support a so-called“WINS replication”feature, a different the WINS server can rely on this feature to exchange information. WINS replication is listening on TCP 4 2 port standard on the WINS...
Port interception with port hidden sniffing attacks-vulnerability warning-the black bar safety net
In WINDOWS SOCKET Server Application Programming, the following statement perhaps than than are: s=socketAFINET,SOCKSTREAM,IPPROTOTCP; saddr. sinfamily = AFINET; saddr. sinaddr. serveraddress = htonlINADDRANY; binds,SOCKADDR &saddr,sizeofsaddr; In fact, this which exists in a very big security...
Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit
Exploit for linux platform in category remote exploits ================================================================== Snort $Id: THCsnortbo.c,v 1.1 2005/10/24 11:38:59 thccvs Exp $ / / DETAILS The bug is in sppbo.c, BoGetDirection function static int BoGetDirectionPacket p, char pktdata uint3...
Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow
/ THCsnortbo 0.3 - Snort BackOrifice PING exploit by [email protected] THC PUBLIC SOURCE MATERIALS Bug was found by Internet Security Systems http://xforce.iss.net/xforce/alerts/id/207 v0.3 - removed/cleaned up info for public release v0.2 - details added, minor changes v0.1 - first release Greetz to al...