94 matches found
Code injection
Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite...
Code injection
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause 1 a buffer over-read or 2 infinite recursion, which can trigger a segmentation fault or invalid memory access, ...
DEBIAN-CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2076
Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service memory consumption via a DNS query with an unsupported 1 QTYPE or 2 QCLASS, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2075
CVE-2006-2075 concerns an unspecified vulnerability in MyDNS 1.1.0 that allows remote attackers to cause a denial of service by sending a crafted DNS message, popularly known as the “Query-of-death,” as demonstrated by the OUSPG PROTOS DNS test suite. The available connected documents confirm the...
CVE-2006-2074
CVE-2006-2074 affects Juniper Networks JUNOSe E-series routers before 7-1-1. The vulnerability lies in the DNS “client code” and is described as having unknown impact with remote attack vectors; the issue is exploitable over a network, with potential complete confidentiality, integrity, and avail...
CVE-2006-2076
CVE-2006-2076 affects pdnsd prior to 1.2.4. The vulnerability is a memory leak triggered by handling DNS queries with an unsupported QTYPE/QCLASS, leading to potential denial of service due to memory consumption (demonstrated by OUSPG PROTOS tests). Affected product: pdnsd (Paul Rombouts’ DNS pro...
CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2072
Affected software: DeleGate 9.x until 9.0.6 and 8.x until 8.11.6. Vulnerability: remote attacker can cause DoS by processing crafted DNS responses that trigger a buffer over-read or infinite recursion, leading to segmentation fault or invalid memory access (demonstrated by PROTOS DNS tests). Expl...
CVE-2006-2077
The CVE concerns pdnsd (Paul Rombouts pdnsd) before version 1.2.4, where a buffer overflow is reported. The CVE entry itself lists unknown impact/attack vectors, but connected sources (Gentoo GLSA 200605-10 and Tenable plugin) specify a buffer overflow leading to Denial of Service and potential a...
CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-1646
The CVE-2006-1646 issue concerns the Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD, certain FreeBSD releases, and potentially other BSD/Linux distributions. In aggressive mode, remote attackers can trigger a deni...
Design/Logic Flaw
The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which...
CVE-2006-0718
The Internet Key Exchange version 1 IKEv1 implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service crash via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...
CVE-2005-4565
Format string vulnerability in the Internet Key Exchange version 1 IKEv1 implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via format string specifiers in crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1...
CVE-2005-4564
The Internet Key Exchange version 1 IKEv1 implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to cause a denial of service via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1...
CVE-2005-4465
The Internet Key Exchange version 1 IKEv1 implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...
CVE-2005-4321
CVE-2005-4321 aggregates multiple IKEv1 vulnerabilities affecting various implementations of IPsec/IKE tooling (notably ipsec-tools racoon and related products) that were demonstrated via the PROTOS ISAKMP test suite and could lead to a denial of service. Connected advisories describe multiple CV...
Multiple OSs, routers and firewalls IPSec ISAKMP IKE DoS
Multiple vulnerabilities detected with PROTOS IPSec security scanner...