13 matches found
EUVD-1999-0216
Malware in sbrugna...
CVE-2022-22724
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions...
CVE-2023-51440
A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...
CVE-2023-51440
A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...
Webscan - Browser-based Network Scanner And local-IP Detection
webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate...
JVN#91438377: SSL Visibility Appliance may generate illegal RST packets
SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behi...
CVE-2017-7285
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections...
CVE-2017-7285
CVE-2017-7285 affects MikroTik RouterOS (Version 6.38.5, released 2017-03-09). The vulnerability is in the network stack and could allow an unauthenticated remote attacker to exhaust all available CPU by sending a flood of TCP RST packets, preventing the router from accepting new TCP connections....
CVE-2017-7285
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections...
FreeIPS 1.0 Protected Service Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10541/info It is reported that FreeIPS is susceptible to a denial of service vulnerability. FreeIPS scans TCP connections for particular strings, defined by regular expressions. If a packet matches the regular expression,...
Link hijacking attack one, two, three-vulnerability warning-the black bar safety net
Blog post author: lake2 TSRC Release date: 2012-11-09 Blog post content: With application security development, we are more concerned about application security vulnerabilities, in fact, in the application layer below the Transport Layer there are also many security risks and the security risks...
SOL3126 - Large TCP window sizes may make it easier to predict sequence numbers vulnerability CVE-2004-0230
This vulnerability is found in the principle design of TCP/IP itself and cannot be completely corrected without changing to an alternate protocol. The central issue in this vulnerability is that for long-lived connections, as measured in hours or days, an outside attacker could send a flurry of R...
TCP RST packets spoofing
By sending spoofed RST it's possible to terminate established TCP connection. unlike TPC hijacking attacks there is no need for exact TCP sequence number, and number can be any number from handshaked TCP window. It significantly increases attack efficiency. In NetBSD sequence number for RST is no...