Juniper Junos OS Vulnerability (JSA83021)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83021 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacke...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002185 advisory. The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource...

CVE-2024-39561

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/F...

CVE-2024-39561 Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/F...

CVE-2024-39561

CVE-2024-39561 affects Juniper Junos OS on SRX4600/SRX5000 Series. The vulnerability stems from an improper check in the flow daemon (flowd) that can allow TCP packets with SYN/FIN or SYN/RST flags to bypass the intended block when no-syn-check and Express Path are enabled, causing such packets t...

CVE-2024-39561 Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/F...

K15304: Linux kernel tcp_rcv_state_process vulnerability CVE-2012-6638

Security Advisory Description The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets. CVE-2012-6638 Impact Remote attackers may be able to cause a...

SUSE CVE-2012-2663

extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...

Marconi ASX-1000 Administration Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2400/info ASX-1000 Switches are hardware packages developed by Marconi Corporation. ASX-1000 Switches can be used to regulate ATM networks, performing layer-3 switching. A problem with the switch could allow a management...

Zyxel Prestige 642R Malformed Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5034/info ZyXEL 642R routers have difficulties handling certain types of malformed packets. In particular, it is possible to deny services by sending a vulnerable router a SYN-ACK packet. To a lesser degree, the router al...

Kernel: net: tcp: potential DoS via SYN+FIN messages

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

RHEL 5 : kernel (RHSA-2014:0433)

Updated kernel packages that fix two security issues, three bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Kernel: net: tcp: potential DoS via SYN+FIN messages

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

kernel security, bug fix, and enhancement update

kernel 2.6.18-371.8.1 - virt HID: memory corruption flaw drivers/usb/input/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - virt HID: memory corruption flaw in drivers/hv/hid-core.c Jacob Tanenbaum 1032996 1032999 CVE-2013-2888 - scsi lpfc: Fix task management commands having a fixed...

CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

Code injection

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

CVE-2012-6638

CVE-2012-6638 (Linux kernel) affects the tcp_rcv_state_process in net/ipv4/tcp_input.c and can cause a DoS due to a flood of SYN+FIN packets. The vulnerability exists in kernels before 3.2.24 and is fixed in the 3.2.24 update (per ChangeLog-3.2.24). Exploitation is described as remote and results...

PT-2014-2407 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.2.24 Description: The issue allows remote attackers to cause a denial of service by consuming kernel resources through a flood of SYN+FIN TCP packets. This is achieved by exploiting the tcp rcv state process...

UBUNTU-CVE-2012-6638

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...