12 matches found
FreeBSD : FreeBSD -- pf incorrectly matches different ICMPv6 states in the state table (f140cff0-771a-11ef-9a62-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f140cff0-771a-11ef-9a62-002590c1f29c advisory. In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incomi...
CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table
In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation NS can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...
CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table
In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation NS can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...
SUSE CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
OSV-2018-54 UNKNOWN READ in BEInt<short, 2>::operator short
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305 Crash type: UNKNOWN READ Crash state: BEInt::operator short AAT::KerxSubTableFormat1::drivercontextt::transition void AAT::StateTableDriver::EntryDat...
DEBIAN-CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
AZL-6513 CVE-2008-4609 affecting package kernel for versions less than 5.10.78.1-1
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
Low security hole affecting Mentor's ADSLFR4II router
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've found a number of low risk issues with Mentor's ADSLFR4II router. I initially spoke to them on the 20th July, passing them full details of my findings on the 21st of July. I then emailed them again on the 4th of August asking for an update and...
CVE-2002-2150
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as 1 TCP SYN flood, 2 UDP flood, or 3 Crikey CRC Flood, which causes the firewall to refuse any new connections...
Security Vulnerability in IPFilter 3.3.15 and 3.4.3
Obfuscation Research Laboratories Security Advisory ORL-2000-05-19-01 IPFILTER FIREWALLS SYNOPSIS A weakness exists in the IPFilter firewalling package in all versions up to and including 3.3.15 and 3.4.3 that allows an attacker to penetrate the firewall when a common, yet admittedly flawed,...