1886 matches found
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size MSS of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increas...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
SUSE-SU-2019:1535-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. - CVE-2019-11478: It was...
UBUNTU-CVE-2019-11479
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...
Dissecting Weird Packets
I was investigating traffic in my home lab yesterday, and noticed that about 1% of the traffic was weird. Before I describe the weird, let me show you a normal frame for comparison's sake. This is a normal frame with Ethernet II encapsulation. It begins with 6 bytes of the destination MAC address...
Siemens Multiple Products Improper Input Validation
Binary data 720144.prm...
CVE-2018-3312
The CVE-2018-3312 entry applies to Oracle Retail Customer Engagement (Segment) in Oracle Retail Applications, affecting versions 16.0 and 17.0. The vulnerability is described as exploitable by a high-privileged attacker with network access via HTTP, potentially enabling unauthorized creation, del...
Oracle Retail Applications Retail Customer Engagement Access Control Error Vulnerability
Oracle Retail Applications is a suite of retail applications store solutions from Oracle Corporation. The product includes inventory management, sales management and customer management, etc. Retail Customer Engagement is one of the retailer customer engagement components, mainly used to interact...
Action Recommended to Secure the Cisco Nexus PowerOn Auto Provisioning Feature
Cisco Nexus devices support an automatic provisioning or zero-touch deployment feature called PowerOn Auto Provisioning POAP. This feature assists in automating the initial deployment and configuration of Nexus switches. POAP is enabled by default and activates on devices that have no startup...