Lucene search
K

710 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 8:31 p.m.8 views

CVE-2002-2071

Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in 1 telnet, 2 FTP, 3 ypbind, 4 rpc.lockd, 5 snmp, 6 ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap...

5CVSS7.1AI score0.03401EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:27 p.m.7 views

CVE-2002-1944

Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service crash by performing a SYN scan using a tool such as nmap...

5CVSS7AI score0.01743EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:26 p.m.13 views

CVE-2002-1911

ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of SYN packets SYN flood. NOTE: the vendor was not able to reproduce the issue...

5CVSS7AI score0.03134EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:43 p.m.9 views

CVE-2005-4275

Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service device crash via an IP packet with the same source and destination IPs and ports, and with the SYN flag set aka LanD, as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the detail...

7.8CVSS7AI score0.02839EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:9 p.m.9 views

CVE-1999-0453

An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol CDP...

5CVSS6.9AI score0.01415EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.4 views

Enable TCP-SYN Cookie Protection

TCP-SYN cookie protection mitigates the impact of SYN flood attacks on the system. When an attacker launches a SYN flood attack, the half-open connection queue in the kernel is quickly exhausted to block valid connections. If SYN cookie is enabled, the system can still accept valid connections ev...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/05/02 3:55 p.m.8 views

CVE-2023-53121 tcp: tcp_make_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References11
OSV
OSV
added 2025/05/01 1:15 p.m.15 views

UBUNTU-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References40
CVE
CVE
added 2025/05/01 12:55 p.m.146 views

CVE-2025-23145

CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...

5.5CVSS6.8AI score0.00176EPSS
Exploits0References10Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.3 views

PT-2025-38559

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the TCP-AO failure handling for IPv6 within the Linux kernel. Specifically, when tcp ao copy all matching fails in tcp v6 syn recv sock, the function exits withou...

5.5CVSS6AI score0.00135EPSS
Exploits0
Akamai Blog
Akamai Blog
added 2025/04/01 12:0 p.m.12 views

Anatomy of a SYN-ACK Attack

...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.7 views

PT-2025-18399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the MPTCP protocol. The issue occurs when the kernel panics in 'mptcp can accept new subflow' due to a NULL pointer...

7.8CVSS6.6AI score0.00176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-1206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A...

5.7CVSS6.6AI score0.00553EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-52700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x5...

5.5CVSS6.5AI score0.00217EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-5972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remo...

7.8CVSS7.7AI score0.2389EPSS
Exploits3References3
CVE
CVE
added 2025/02/26 2:11 a.m.153 views

CVE-2022-49372

CVE-2022-49372 affects the Linux kernel where tcp_rtx_synack() can be invoked from process context during a Fast Open TCP backlog/backlog processing sequence when CONFIG_DEBUG_PREEMPT is enabled. The issue arises as a SYN retransmit is processed in process context, cooking a SYN-ACK in that conte...

5.5CVSS5.3AI score0.00283EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2025/02/26 2:11 a.m.14 views

CVE-2022-49372

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...

5.5CVSS5.3AI score0.00283EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.9 views

Siemens SIMATIC and SCALANCE Devices Uncontrolled Resource Consumption (CVE-2023-1206)

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6...

5.7CVSS6.6AI score0.00553EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/12/04 12:19 a.m.2 views

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/12/04 12:0 a.m.7 views

Cisco IP Phone Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2006-0179)

The Cisco IP Phone 7940 allows remote attackers to cause a denial of service reboot via a large amount of TCP SYN packets syn flood to arbitrary ports, as demonstrated to port 80. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5CVSS5.8AI score0.13576EPSS
Exploits1References19
Rows per page
Query Builder