1315 matches found
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9007)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9007 advisory. - xen-blkback: set ring-xenblkd to NULL after kthreadstop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbusbackend: Disallow...
Pidrila - Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
PIDRILA : P ython I nteractive D eepweb-oriented R apid I ntelligent L ink A nalyzer is really fast async web path scanner prototype developed by BrightSearch team for all ethical netstalkers. Installation & Usage git clone https://github.com/enemy-submarine/pidrila.git cd pidrila python3...
ctf-writeups
This is a PoC exploit for a double free vulnerability in a binary. The exploit creates overlapping chunks on the heap, manipulates heap metadata, and overwrites the mallochook with a one-gadget address to execute /bin/sh. The challenge is interesting because it does not allow the exploitation of...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of service...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1)
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3513-1)
The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remot...
SUSE-SU-2020:3690-1 Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19767 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in confontop bsc1178622. - CVE-2020-25705: Fixed a flaw which could have allowed an off-path remote user to effectively bypass source...
SUSE-SU-2020:3651-1 Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3)
This update for the Linux Kernel 4.4.180-94130 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in confontop bsc1178622. - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some IntelR Processors...
Source Port UDP Randomization Bypass
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version
...
SUSE-SU-2020:3532-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
DEBIAN-CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...
UBUNTU-CVE-2020-25705
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Bas...