EUVD-2019-10243

Malware in sbrugna...

Fortinet Fortigate IPS Engine evasion using custom TCP flags (FG-IR-23-090)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-090 advisory. - A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via...

CVE-2022-1841

In subsys/net/ip/tcp.c , function tcpflags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero...

CVE-2022-1841

In subsys/net/ip/tcp.c , function tcpflags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero...

PT-2022-14159 · Zephyrproject +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned. Description: The issue occurs in the tcp flags function within the subsys/net/ip/tcp.c file. When the incoming parameter flags is set to ECN or CWR, it causes an out-of-bounds write of a byte with...

CVE-2002-2438

firewalls might let some TCP flags combinations pass e.g. all with RST flag set and the OS e.g. Linux stack would in turn accept a TCP session it might not have accepted otherwise...

Fedora 29 : nfdump (2019-9013b5e75d)

2019-08-14 - Fix compile issues - Fix output buffer size for lzo1xdecompresssafe 2019-08-07 - Fix VerifyExtensionMap 179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. 175 - Fix off by 1 array. 173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterSt...

Design/Logic Flaw

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

CVE-2019-1686

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

CVE-2019-1686

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

CVE-2019-1686

Summary of CVE-2019-1686: Cisco IOS XR on ASR 9000 Series ACL processing vulnerability allows an unauthenticated, remote attacker to bypass ACL protections. Root cause: incorrect processing of the ACL applied to an interface when Cisco Express Forwarding load balancing uses the 3-tuple hash algor...

Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

habu - Network Hacking Toolkit

Habu is to teach and learn some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical Hacking and Penetration Testing. Most of them are related with networking, and the implementations are intended to be understandable for who wants to read the...

Security Best Practice: Familiarize Yourself with the Packet Sanity Protection

The Packet Sanity protection performs several Layer 3 and Layer 4 sanity checks. These include verifying packet size, UDP and TCP header lengths, dropping IP options and verifying the TCP flags.Numerous types of attacks may be hidden in fragmented packets...

Cisco Content Switching Module memory leak

Memory leak on TCP flags processing causes DoS conditions...

Memory corruption

Memory leak in Cisco Content Switching Module CSM 4.23 up to 4.28 and Cisco Content Switching Module with SSL CSM-S 2.12 up to 2.17 allows remote attackers to cause a denial of service memory consumption via TCP segments with an unspecified combination of TCP flags...

Stream / Raped (Windows) - Denial of Service

/ Straped 1.0 author: Marco Del Percio 20/05/2005 Remember: this is a mulithreaded program! MSVC++ compile with /MT. Remember: This program requires raw socket support! You can't use it on Windows XP SP2 and if you've done MS05-019 update you'll have to re-enable raw socket support! If you still...

ZyXEL 642R(-11) AJ.6 SYN-ACK, SYN-FIN DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: ZyXEL 642R-11 AJ.6, other routers based on ZyNOS are also suspectible to this DoS Systems Affected: ZyNOS Severity: Medium Risk Category: Denial of Service Vendor URL: www.zyxel.com Vendor contacted: 1.6.2002 Vendor fix: - Summary - - -------...