EUVD-2008-4109

Malware in sbrugna...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

GHSA-G96C-X7RH-99R3 Graylog vulnerable to insecure source port usage for DNS queries

Summary Graylog utilises only one single source port for DNS queries. Details Graylog seems to bind a single socket for outgoing DNS queries. That socket is bound to a random port number which is not changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered ho...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

Design/Logic Flaw

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

CVE-2021-44678

An issue 2 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...

Veritas Enterprise Vault 代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...

Veritas Enterprise Vault代码问题漏洞

Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...

UBUNTU-CVE-2014-4883

resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets...

ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 - Random UDP Flood Denial of Service (3)

source: https://www.securityfocus.com/bid/8525/info A denial of service vulnerability has been alleged in ZoneAlarm. It is reportedly possible to reproduce this condition by sending a flood of UDP packets of random sizes to random ports on a system hosting the vulnerable software. ;// This is...