143 matches found
Design/Logic Flaw
An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. An administrator can use the following CLI command to s...
Node.js third-party modules: [authmagic-timerange-stateless-core] Improper Authentication
I would like to report Improper Authentication in authmagic-timerange-stateless-core It allows to forge user's identity. Module module name: authmagic-timerange-stateless-core version: 0.0.9 npm page: https://www.npmjs.com/package/authmagic-timerange-stateless-core Module Description Stateless an...
Format string
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" e.g. "internal-1", "internal-2", etc. are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets...
CVE-2019-0036
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" e.g. "internal-1", "internal-2", etc. are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets...
Modlishka - An Open Source Phishing Tool With 2FA Authentication
Modlishka is a flexible and powerful reverse proxy, that will take your phishing campaigns to the next level with minimal effort required from your side. Enjoy :- Features Some of the most important 'Modlishka' features : Support for majority of 2FA authentication schemes by design. No website...
Flexible and Powerful Reverse Proxy: Modlishka
Modlishka is a flexible and powerful reverse proxy, that will take your phishing campaigns to the next level. It was realeased with an aim to: help penetration testers to carry out an effective phishing campaign and reinforce the fact that serious threat can arise from phishing. show current 2FA...
Design/Logic Flaw
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are...
CVE-2019-0002
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are...
CVE-2019-0002
CVE-2019-0002 affects Junos OS on the EX2300 and EX3400 series, where a stateless firewall filter rule that uses the action 'policer' in combination with other actions may not take effect. As a result, the command output of show pfe filter hw summary may not show the RACL entry. Affected releases...
CVE-2018-0031
Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not cause a...
CVE-2018-0031
Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not cause a...
Design/Logic Flaw
Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not cause a...
Junos OS: Stateless IP firewall filter rules stop working as expected after reboot or upgrade
After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0 show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does n...
Design/Logic Flaw
After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0 show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does n...
CVE-2018-0026
CVE-2018-0026 affects Juniper Networks Junos OS: stateless firewall filter rules may stop taking effect after reboot or upgrade. Affected releases include Junos OS 15.1R4, 15.1R5, 15.1R6 and SRs based on these MRs, and 15.1X8 releases prior to 15.1X8.3. The issue can be observed via commands that...
OracleVM 3.4 : dhcp (OVMSA-2018-0023)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added oracle-errwarn-message.patch - Resolves: 1550085 - CVE-2018-5733 Avoid reference overflow 12:4.1.1-53.P1.2 - Resolves: 1550083 - CVE-2018-5732 Avoid options buffer overflow - Resolves: 1063217 -...
dnsmasq: heap overflow in the IPv6 router advertisement code
A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement RA handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one o...
pbscan - Faster And More Efficient Stateless SYN Scanner And Banner Grabber
polarbearscan is an attempt to do faster and more efficient banner grabbing and port scanning. It combines two different ideas which hopefully will make it somewhat worthy of your attention and time. The first of these ideas is to use stateless SYN scanning using cryptographically protected cooki...
packETH – Ethernet Packet Generator
packETH Ethernet Packet Generator packETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending sequence of...
CVE-2014-6383
CVE-2014-6383 concerns Juniper Networks Junos OS where the stateless firewall on Trio-based PFE modules did not properly match ports, enabling a remote attacker to bypass firewall rules. Affected versions include Junos 13.3R3, 14.1R1, and 14.1R2. The underlying cause is faulty port matching in th...