TCP Sequence Number Approximation Reset Denial of Service Vulnerability

The host is running TCP services and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodtcpsequenceapproxdosvuln.nasl 5912 2017-04-10 09:01:51Z teissa $ TCP Sequence Number Approximation Reset Denial of Service Vulnerability Authors: Sooraj KS Copyright: Copyright ...

TCP Sequence Number Approximation Reset DoS Vulnerability (Apr 2004)

Various TCP services of different vendors are prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Adobe Flash Player MP4 Sequence Parameter Set Processing

Added: 02/09/2012 CVE: CVE-2011-2140 BID: 49083 OSVDB: 74439 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player Sub1005B396 function allows command execution when a user opens a specially crafted .swf file...

Adobe Flash Player MP4 Sequence Parameter Set Processing

Added: 02/09/2012 CVE: CVE-2011-2140 BID: 49083 OSVDB: 74439 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player Sub1005B396 function allows command execution when a user opens a specially crafted .swf file...

Adobe Flash Player MP4 Sequence Parameter Set Processing

Added: 02/09/2012 CVE: CVE-2011-2140 BID: 49083 OSVDB: 74439 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player Sub1005B396 function allows command execution when a user opens a specially crafted .swf file...

kernel: net: improve sequence number generation

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

OpenSSL 1.0.0 < 1.0.0-beta2 DoS

According to its banner, the remote server is running a version of OpenSSL 1.0.0 prior to 1.0.0 beta 2. A remote attacker can crash the server by sending an out-of-sequence DTLS handshake message. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17768;...

kernel: net: improve sequence number generation

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

kernel: net: improve sequence number generation

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...

Ubuntu Update for linux-lts-backport-maverick USN-1242-1

Ubuntu Update for Linux kernel vulnerabilities USN-1242-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12421.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1242-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

Ubuntu 11.04 : linux vulnerabilities (USN-1246-1)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. CVE-2011-2213 Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP...

Ubuntu 10.10 : linux vulnerabilities (USN-1243-1)

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

Ubuntu 10.04 LTS : linux-mvl-dove vulnerabilities (USN-1240-1)

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1239-1)

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

USN-1246-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. CVE-2011-2213 Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP...

USN-1245-1: Linux kernel (Marvell DOVE) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

USN-1242-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

USN-1241-1: Linux kernel (i.MX51) vulnerabilities

It was discovered that the Stream Control Transmission Protocol SCTP implementation incorrectly calculated lengths. If the net.sctp.addipenable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. CVE-2011-1573 Ryan Sweat discovered that the kernel...

USN-1240-1: Linux kernel (Marvell DOVE) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...