158 matches found
CVE-2015-0718
Cisco NX-OS v4.0–6.1 on Nexus 1000V platforms (3000/4000/5000/6000/7000) and UCS may be remotely exploitable via crafted TCP packets while a TIME_WAIT state exists, causing a denial of service (TCP stack reload). Root cause: improper handling of certain TCP closing sequences in TIME_WAIT. Impact:...
CVE-2002-2438
TCP firewalls could be circumvented by sending a SYN Packets with other flags like e.g. RST flag set, which was not correctly discarded by the Linux TCP stack after firewalling...
RHEL 7 : kernel-rt (RHSA-2015:1788)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1788 advisory. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the kernel's implementation of...
Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...
Session fixation
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...
CVE-2014-7250
The CVE-2014-7250 entry documents a DoS flaw in the TCP stack: the 4.3BSD Net/2 TCP session timer is not properly implemented, affecting FreeBSD 5.4 and possibly NetBSD 2.0 and OpenBSD 3.6. A crafted packet can cause resource consumption due to improper session timer handling, enabling remote att...
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service resource consumption via crafted packets...
CVE-2014-7250
Removed by vendor...
Tincd Post-Authentication Remote TCP Stack Buffer Overflow Exploit
This Metasploit module exploits a stack buffer overflow in Tinc's tincd service. After authentication, a specially crafted tcp packet default port 655 leads to a buffer overflow and allows to execute arbitrary code. This Metasploit module has been tested with tinc-1.1pre6 on Windows XP custom cal...
FreeBSD -- Denial of Service in TCP packet processing
Problem Description: When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window. Impact: An attacker who has the ability to spoof IP traffic can tear down...
Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...
HP-UX 11,Linux kernel 2.4,Windows 2000/NT 4.0,IRIX 6.5 Small TCP MSS DoS
No description provided by source. source: http://www.securityfocus.com/bid/2997/info A potential denial of service vulnerability exists in several TCP stack implementations. TCP has a MSS maximum segment size option that is used by a TCP client to announce to a peer the maximum amount of TCP dat...
openSUSE Security Update : kernel (openSUSE-SU-2012:1330-1)
This kernel update to 3.4.11 fixes various bugs and security issues. The changes up to 3.4.11 contain both security and bugfixes and are not explicitly listed here. Following security issues were fixed: CVE-2012-3520: Force passing credentials, otherwise local services could be fooled to assume...
CVE-2014-2537
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service memory consumption via unspecified vectors...
Memory corruption
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service memory consumption via unspecified vectors...
CVE-2014-2537
The CVE-2014-2537 entry concerns Sophos UTM prior to 9.109, where a memory leak in the kernel’s TCP stack can be exploited remotely to cause a denial of service. Affected product/version: Sophos UTM versions 9.108 and earlier. Root cause: memory leak in the TCP stack (kernel level). Impact: denia...
CVE-2014-2537
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service memory consumption via unspecified vectors...
Cisco IOS Software TCP ACK Storm Vulnerability
A vulnerability in the TCP stack of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an ACK storm. The vulnerability is due to improper closing of an established TCP connection. An attacker could exploit this vulnerability by sending a crafted sequence of TCP ACK and FI...