Lucene search
K

365 matches found

OSV
OSV
added 2015/03/16 10:59 a.m.3 views

DEBIAN-CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS8.2AI score0.09828EPSS
Exploits0References1
Prion
Prion
added 2015/03/16 10:59 a.m.24 views

Design/Logic Flaw

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS7.9AI score0.09828EPSS
Exploits0References21Affected Software3
Cvelist
Cvelist
added 2015/03/16 10:0 a.m.35 views

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

6AI score0.09828EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2015/03/16 10:0 a.m.37 views

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS7.5AI score0.09828EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/03/16 12:0 a.m.35 views

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

10CVSS6.8AI score0.09828EPSS
Exploits0References7
Metasploit
Metasploit
added 2014/08/29 8:8 a.m.39 views

Linux Gather NetworkManager 802-11-Wireless-Security Credentials

This module collects 802-11-Wireless-Security credentials such as Access-Point name and Pre-Shared-Key from Linux NetworkManager connection configuration files. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Juniper Netscreen 5.0 VPN Username Enumeration Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a...

7.1AI score
Exploits0
NVD
NVD
added 2013/12/30 4:53 a.m.23 views

CVE-2013-5037

The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...

3.3CVSS6.5AI score0.02587EPSS
Exploits6References2
CVE
CVE
added 2013/12/30 2:0 a.m.55 views

CVE-2013-5037

The CVE-2013-5037 entry concerns the HOTBOX router (SAGEMCOM HOTBOX F@st 3184) running software version 2.1.11, where a default WPS PIN of 12345670 enables easier access to the WPA/WPA2 PSK via EAP messages. The connected sources corroborate the affected device and version and describe the underl...

3.3CVSS6.6AI score0.02587EPSS
Exploits6References2Affected Software2
Cvelist
Cvelist
added 2013/12/30 2:0 a.m.36 views

CVE-2013-5037

The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...

6.5AI score0.02587EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2012/10/24 12:0 a.m.1603 views

Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key

The remote Internet Key Exchange IKE version 1 service seems to support Aggressive Mode with Pre-Shared key PSK authentication. Such a configuration could allow an attacker to capture and crack the PSK of a VPN gateway and gain unauthorized access to private networks. C Tenable Network Security,...

5CVSS5.5AI score0.48573EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2012/02/21 2:20 a.m.5 views

initscripts: IPSec ifup script allows for aggressive IKE mode

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key PSK hash...

7.1CVSS5.9AI score0.02432EPSS
Exploits1References4
securityvulns
securityvulns
added 2010/10/11 12:0 a.m.29 views

RSA Authentication Client information leal

SENSITIVE and NON-EXTRACTABLE flags are ignored for shared kay, making it possible to extract it...

1.5CVSS3.1AI score0.00263EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2008/10/20 6:14 p.m.15 views

Design/Logic Flaw

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key...

5CVSS7.3AI score0.07289EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/10/20 6:0 p.m.22 views

CVE-2008-4616

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key...

6.8AI score0.07289EPSS
Exploits0References4
Prion
Prion
added 2007/08/18 9:17 p.m.11 views

Authentication flaw

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key PSK authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames...

9.3CVSS7.4AI score0.02582EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2007/08/18 9:0 p.m.22 views

CVE-2007-4422

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key PSK authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames...

6.9AI score0.02582EPSS
Exploits0References7
securityvulns
securityvulns
added 2006/08/10 12:0 a.m.39 views

Intel® PROSet/Wireless Software Local Information Disclosure

Intel® PROSet/Wireless Software Local Information Disclosure Summary: A security vulnerability exists in the Intel® PROSet/Wireless Software PROSet application because of insecure usage of shared memory allowing a person having access to the user's computer or malicious software installed on the...

4.9CVSS6.1AI score0.00866EPSS
Exploits1
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.24 views

CVE-2005-4697

The Microsoft Wireless Zero Configuration system WZCS allows local users to access WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll...

6.3AI score0.01895EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.21 views

CVE-2005-4696

The Microsoft Wireless Zero Configuration system WZCS stores WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network...

6.4AI score0.03892EPSS
Exploits1References9
Rows per page
Query Builder