12 matches found
MiracleLinux 4 : kernel-2.6.32-642.4.2.el6 (AXSA:2016-679:07)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-679:07 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...
Linux Distros Unpatched Vulnerability : CVE-2020-36516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path...
CVE-2023-30312
An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server e.g., for access to files over FTP, and impersonating the server to the client e.g., to deliver...
CVE-2023-30310
An issue discovered in Comfast Comfast CF-616AC routers allows attackers to hijack TCP sessions which could lead to a denial of service...
CVE-2023-30305
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service...
多款Ruijie产品 安全漏洞
Ruijie Networks EG210G-P is a Gigabit PoE router from Ruijie Networks China. A security vulnerability exists in multiple Ruijie products, which stems from a vulnerability that allows an attacker to hijack a TCP session, potentially resulting in a denial of service attack. The following products a...
360 Safe Router P1 安全漏洞
360 Safe Router P1 is a wireless router from Qihoo Technology Limited 360, a company based in Beijing, China. A security vulnerability exists in 360 Safe Router P1, 360 V6G, 360 T5G, 360 T6M that originates from the router allowing an attacker to hijack a TCP session, which could result in a deni...
SUSE CVE-2020-36516
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session...
Code injection
In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions...
TCP Session Hijack
kernel-rt is vulnerable to TCP session hijack attacks. The vulnerability exists as net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack...
DEBIAN-CVE-2016-5696
net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack...
CVE-2016-5696
net/ipv4/tcpinput.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack...