Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Fallback earlier on simultaneous connections Syzkaller reports a race condition in simultaneous connections that leads to inconsistent fallback behavior. Status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515...
CVE-2021-47865
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access...
mptcp: fallback earlier on simult connection
...
SUSE CVE-2025-71088
In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:15...
CVE-2025-71088
In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:15...
UBUNTU-CVE-2025-71088
In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:15...
PT-2026-2609
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to MPTCP (Multipath TCP). A race condition exists in the handling of simultaneous connection synchronization-acknowledgment (syn-ack) packets,...
EUVD-2004-2486
Malware in sbrugna...
CVE-2025-52570
CVE-2025-52570 affects the Letmein port-knock implementation. Before version 10.2.1, the connection limiter is implemented incorrectly, allowing an arbitrary number of simultaneous incoming connections (TCP, UDP, and Unix socket) for the services letmeind and letmeinfwd. The num-connections optio...
CVE-2025-52570 Letmein connection limiter allows an arbitrary amount of simultaneous connections
Letmein is an authenticating port knocker. Prior to version 10.2.1, the connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option...
GHSA-7W6R-748W-MH52 pgAdmin has Incorrect Default Permissions
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
pgAdmin security vulnerability
pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin that stems from the fact that a user logged into pgAdmin running in server mode using LDAP authentication may attach to another...
SMBLoris NBSS Denial of Service
!/usr/bin/env ruby require 'socket' require 'metasploit' require 'bindata' class NbssHeader ' , date: '2017-06-29', references: type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' , type: 'aka', ref: 'SMBLoris' , type: 'dos', options: rhost: type: 'address',...
K74009656: BIND vulnerability CVE-2018-5743
Security Advisory Description By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was...
curl: CVE-2021-22897: schannel cipher selection surprise
Summary: Commit "schannel: support selecting ciphers" added support for selecting the ciphers with SCHANNEL. However, due to use of a static `algIds` array for ciphers in `set_ssl_ciphers` the last configured cipher list will override configuration used by other connections, leading to potential wrong...
bind: Limiting simultaneous TCP clients is ineffective
A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...
PortSwigger Web Security: JSBeautifier BApp: Race condition leads to memory disclosure
Description ==================== If an attacker builds up multiple connections which will be released at the same time having a response Content-Length of 0, leaving out the response Content-Length header or having a higher Content-Length than the actual response while insinuating starting a...
FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities
No description provided by source. Title: ====== FTP OnConnect v1.4.11 iOS - Multiple Web Vulnerabilities Date: ===== 2013-08-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1041 VL-ID: ===== 1041 Common Vulnerability Scoring System:...