710 matches found
CVE-2002-2071
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in 1 telnet, 2 FTP, 3 ypbind, 4 rpc.lockd, 5 snmp, 6 ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap...
CVE-2002-1944
Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service crash by performing a SYN scan using a tool such as nmap...
CVE-2002-1911
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of SYN packets SYN flood. NOTE: the vendor was not able to reproduce the issue...
CVE-2005-4275
Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service device crash via an IP packet with the same source and destination IPs and ports, and with the SYN flag set aka LanD, as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the detail...
CVE-1999-0453
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol CDP...
Enable TCP-SYN Cookie Protection
TCP-SYN cookie protection mitigates the impact of SYN flood attacks on the system. When an attacker launches a SYN flood attack, the half-open connection queue in the kernel is quickly exhausted to block valid connections. If SYN cookie is enabled, the system can still accept valid connections ev...
CVE-2023-53121 tcp: tcp_make_synack() can be called from process context
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...
UBUNTU-CVE-2025-23145
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
CVE-2025-23145
CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...
PT-2025-38559
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the TCP-AO failure handling for IPv6 within the Linux kernel. Specifically, when tcp ao copy all matching fails in tcp v6 syn recv sock, the function exits withou...
Anatomy of a SYN-ACK Attack
...
PT-2025-18399
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the MPTCP protocol. The issue occurs when the kernel panics in 'mptcp can accept new subflow' due to a NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2023-1206
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A...
Linux Distros Unpatched Vulnerability : CVE-2023-52700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x5...
Linux Distros Unpatched Vulnerability : CVE-2017-5972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remo...
CVE-2022-49372
CVE-2022-49372 affects the Linux kernel where tcp_rtx_synack() can be invoked from process context during a Fast Open TCP backlog/backlog processing sequence when CONFIG_DEBUG_PREEMPT is enabled. The issue arises as a SYN retransmit is processed in process context, cooking a SYN-ACK in that conte...
CVE-2022-49372
In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...
Siemens SIMATIC and SCALANCE Devices Uncontrolled Resource Consumption (CVE-2023-1206)
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6...
kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number
A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...
Cisco IP Phone Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2006-0179)
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service reboot via a large amount of TCP SYN packets syn flood to arbitrary ports, as demonstrated to port 80. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...