Lucene search

266 matches found

OSV
added 2020/02/18 4:15 p.m. · 3 views

CVE-2019-5613

In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level protocol in use over ipsec, this could allow an action to be repeated...

9.8 CVSS · 5.8 AI score · 0.00578 EPSS
Exploits: 0 · References: 1

CNVD
added 2020/02/06 12:0 a.m. · 4 views

FreeBSD Security Vulnerabilities

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD has a security vulnerability. An attacker can re-inject old packets, which will be accepted and processed by the IPsec endpoint. No details of the vulnerability are provided at this time...

9.8 CVSS · 6.9 AI score · 0.00578 EPSS
Exploits: 0 · References: 1

CNVD
added 2019/11/21 12:0 a.m. · 8 views

Unspecified Vulnerability in Unbound IPSec Module

Unbound is a DNS resolver that supports authentication recursion and caching. IPSec is one of the Internet Security Protocol modules. A security vulnerability exists in the IPSec module in Unbound versions 1.6.4 through 1.9.4, which can be exploited by an attacker to execute shell code with the he...

7.3 CVSS · 6.8 AI score · 0.03212 EPSS
Exploits: 1 · References: 1

BDU FSTEC
added 2019/11/04 12:0 a.m. · 4 views

The vulnerability of the Payments component in the Oracle FLEXCUBE Direct Banking system allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the Payments component in the Oracle FLEXCUBE Direct Banking remote banking system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information using the HTTP protocol...

6.8 CVSS · 6.8 AI score · 0.01076 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2019/05/16 12:0 a.m. · 3 views

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 microprogramming-based network interface controllers lies in the improper processing of IPsec sessions by the software cryptographic module. This allows attackers to cause service interruptions.

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 network interface controllers lies in the improper handling of IPsec sessions by the software cryptographic module. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

8.6 CVSS · 7.5 AI score · 0.0107 EPSS
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2019/05/01 12:0 a.m. · 6 views

PT-2019-2054 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions (affected versions not specified); Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software versions (affected versions not specified). Description: The issue is related to a logi...

8.6 CVSS · 8.4 AI score · 0.0107 EPSS
Exploits: 0 · References: 7

BDU FSTEC
added 2019/01/15 12:0 a.m. · 4 views

The vulnerability of the Cisco IOS XE operating system’s IPsec driver and the Cisco Adaptive Security Appliance network interface card software allows an attacker to trigger a device reboot.

The vulnerability of the Cisco IOS XE operating system and Cisco Adaptive Security Appliance network interface software’s IPsec driver is related to errors in the processing of IPsec authentication header (AH) packets or encapsulated payload (ESP) packets. Exploiting this vulnerability can allow a...

8.6 CVSS · 7.5 AI score · 0.16221 EPSS
Exploits: 0 · References: 3 · Affected Software: 2

CNVD
added 2018/10/10 12:0 a.m. · 2 views

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerabilities

Cisco Adaptive Security Appliances (ASA), Adaptive Security Appliances Software and Cisco Firepower Threat Defense (FTD) Software are both programs developed by the U.S. company Cisco. The former is a set of operating systems running in the firewall. The latter is a set of unified software to...

7.1 CVSS · 6.4 AI score · 0.01196 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2018/10/03 12:0 a.m. · 5 views

PT-2018-3932 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the implementation of Traffic Flow Confidentiality (TFC)...

7.1 CVSS · 7.5 AI score · 0.01196 EPSS
Exploits: 0 · References: 6

OSV
added 2018/08/21 1:29 p.m. · 4 views

CVE-2017-17312

Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may send...

7.5 CVSS · 5.8 AI score · 0.01082 EPSS
Exploits: 0 · References: 1

OSV
added 2018/08/21 1:29 p.m. · 1 view

CVE-2017-17311

Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may send...

7.5 CVSS · 5.8 AI score · 0.01082 EPSS
Exploits: 0 · References: 1

CNVD
added 2018/08/17 12:0 a.m. · 2 views

ZyXEL ZyWALL/USG Series Device Information Disclosure Vulnerability

ZyXEL ZyWALL/USG is a network security firewall appliance from Hopkins ZyXEL Technology. A security vulnerability exists in the Internet Key Exchange IKE handshake implementation used for IPsec-based VPN connections in the ZyXEL ZyWALL/USG series devices. An attacker can exploit the vulnerability...

5.9 CVSS · 5.9 AI score · 0.00965 EPSS
Exploits: 0 · References: 1

Tenable Nessus
added 2018/07/25 12:0 a.m. · 23 views

Debian DLA-1443-1 : evolution-data-server security update

It was discovered that there was a protocol implementation error in evolution-data-server where 'STARTTLS not supported' errors from IMAP servers were ignored leading to the use of insecure connections without the user's knowledge or consent. For Debian 8 'Jessie', this issue has been fixed in...

5.4 AI score
Exploits: 0 · References: 2

CNVD
added 2018/04/17 12:0 a.m. · 3 views

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-09411)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. There are security vulnerabilities in several F5 products. When a system is configured with a wildcard IPSec channel endpoint, a remote attacker...

6.4 CVSS · 6.7 AI score · 0.00922 EPSS
Exploits: 0 · References: 1

OSV
added 2018/04/13 1:29 p.m. · 4 views

CVE-2017-6156

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary...

6.4 CVSS · 5.8 AI score · 0.00922 EPSS
Exploits: 0 · References: 1

CNVD
added 2018/01/05 12:0 a.m. · 3 views

Microsoft Windows IPSec Denial of Service Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A denial of service vulnerability exists in IPSec in Microsoft Windows. An attacker could exploit this vulnerability to cause the target system to stop responding...

7.1 CVSS · 6.5 AI score · 0.09024 EPSS
Exploits: 0 · References: 1

Tenable Nessus
added 2017/12/26 12:0 a.m. · 33 views

F5 Networks BIG-IP : glibc vulnerability (K31211252)

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. (CVE-2014-9761) (C) Tenable Netwo...

9.8 CVSS · 8.3 AI score · 0.05506 EPSS
Exploits: 2 · References: 2

Tenable Nessus
added 2017/10/24 12:0 a.m. · 133 views

F5 Networks BIG-IP : Linux kernel vulnerability (K81211720)

The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. (CVE-2017-6214) (C) Tenable Network Security, Inc. The descriptive text and package...

7.5 CVSS · 7 AI score · 0.04666 EPSS
Exploits: 0 · References: 2

OpenVAS
added 2017/07/12 12:0 a.m. · 63 views

RedHat Update for httpd RHSA-2017:1721-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.4 AI score · 0.13252 EPSS
Exploits: 0 · References: 2

Wallarm Lab
added 2017/04/04 4:28 p.m. · 37 views

Using WebSocket as your Real Time Protocol? Wallarm got you covered.

In the beginning there was http 1 or 2, web pages were static and did not do much beyond displaying static text and images. Life has changed since… Web applications discovered that bi-directional communication between the browser and the web server is essential. Of course, http protocol, with it’...

6.5 AI score
Exploits: 0