CVE-2000-1213

The CVE-2000-1213 entry concerns ping (iputils) before 20001010, distributed on Red Hat Linux 6.2–7J and other OSes. The root cause is that ping fails to drop privileges after acquiring a raw socket, increasing exposure to bugs that would occur at lower privileges. The vulnerability is tied to th...

CVE-2000-1214

The CVE-2000-1214 issue affects the iputils package’s ping utility. Specifically, buffer overflow vulnerabilities exist in the (1) outpack and (2) buf variables within ping on iputils versions prior to the 20001010 release, as distributed on Red Hat Linux 6.2 through 7J and other operating system...

ping.asp CGI Arbitrary Command Execution

The 'ping.asp' CGI is installed. Some versions allow an attacker to launch a ping flood against the targeted machine or another by entering '127.0.0.1 -l 65000 -t' in the Address field. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Er...

CVE-2002-0237

Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a flood of large ICMP ping packets...

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service crash via a ping request to a multicast address through the loopback interface, e.g. via ping -i...

CVE-1999-1423

CVE-1999-1423 concerns Solaris 2.3–2.6 where a local user can trigger a denial-of-service (crash) by sending a ping to a multicast address via the loopback interface (e.g., ping -i). The vulnerability is local in scope and results in an availability impact described as PARTIAL. The records consis...

CVE-1999-1339

CVE-1999-1339 affects Linux 2.2.10 and earlier (with ipchains) and FreeBSD 3.2 (with ipfw). The issue is triggered by a crafted ping -R (record route) packet, causing a remote attacker to induce a kernel panic and denial of service. The vulnerability arises from how NAT is handled when enabled, a...

Vulnerability in Black ICE Defender

The current version of BlackICE Defender 2.9.caq and 2.9.cap running on a Windows 2000 machine can be remotely crashed using a very basic ping flood. This has been tested with Divine Intervention 2 & 3, Sisoft Sandra Network LAN benchmark. Setting the packet size to about 10,000 bytes causes a Bl...

X-Chat 1.x - CTCP Ping Remote IRC Command Execution

source: https://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and additional IRC commands, these commands may be execute...

X-Chat 1.x - CTCP Ping Remote IRC Command Execution

X-Chat 1.x - CTCP Ping Remote IRC Command Execution source: https://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and...

Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS

On Friday 14 December 2001 12:08, Przemyslaw Frasunek wrote: The workaround is to switch off routing and put device in bridging mode. Zyxel support has been notified, I won't release details of attack, until ZyNOS will be patched. I haven't received any response from Zyxel helpdesk so time to...

Network Tool 0.2 Addon for PHPNuke vulnerable to remote command execution

-- Network Tool 0.2 Addon for PHPNuke vulnerable to remote command execution -- Problem discovered: 16/11/2001 by Cabezon Aurйlien | [email protected] http://www.isecurelabs.com/article.php?sid=209 -- Description -- This Phpnuke addon includes web frontends for the following nix...

CVE-1999-1070

Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter...

CVE-2001-0313

Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings echo requests to the network...

CVE-2001-0313

Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings echo requests to the network...

CVE-2000-0292

The CVE-2000-0292 entry concerns the Adtran MX2800 M13 Multiplexer. The vulnerability is a remote DoS caused by sending a ping flood to the Ethernet interface, which crashes the device. The NVD record lists a CVSS v2 base score of 5.0 (Medium) with network attack vector, low attack complexity, no...

CVE-2000-0292

The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash...

UDP Ping-pong in Win2k

Sorry if this is already well-known. Windows 2000 server with an open UDP Kerberos v5 port 464 is vulnerable to a UDP ping-pong attack where you send a packet with someone elses IP address and chargen source port to it. Drives CPU usage on my test system to approx. 70. AFAIK affected systems: Win...

CVE-2000-0742

The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability...

Потенциальные дырки в ping

Несколько переполнений буфера...