10 matches found
EUVD-2019-16375
Malware in sbrugna...
EUVD-2022-46499
Malicious code in bioql PyPI...
CVE-2019-6821
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum...
CVE-2024-36905
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...
WPA2 Protocol Vulnerabilities - US
Lenovo Security Advisory: LEN-17420 Potential Impact: An attacker could manipulate the vulnerability to affect clients through arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames Severity: High Scope of...
Cisco Wireless IP Phone 8821 Multiple WPA2 Vulnerabilities
Cisco Wireless IP Phone 8821 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
Cisco Aironet Access Points Multiple WPA2 Vulnerabilities
Cisco Aironet Access Points are prone to key reinstallation attacks against WPA protocol. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...
Key Reinstallation Attacks: Cryptographic/protocol attack against WPA2
Several vulnerabilities affect the Wi-Fi Protected Access II WPA2 protocol, potentially enabling Man-in-the-Middle MitM attacks between Wifi Clients and Access Points running WPA2 . The impact includes decryption, packet replay, TCP connection hijacking and HTTP content injection...
Multiple TCP/IP implementations may use statistically predictable initial sequence numbers
Overview Attacks against TCP initial sequence number generation have been discussed for some time now. It has long been recognized that the ability to know or predict ISNs can lead to TCP connection hijacking or spoofing. What was not previously illustrated was just how predictable one...
Дырка в FreeBSD (IP Spoofing)
Алгоритм генерации псевдо-случайной последовательности позволяет по трем пакетам определить состояние генератора псевдо-случайно последовательности используемого при задании номеров последовательностей и воспроизвести его на удаленной машине, что позволяет перезватить любое TCP-соединение...