PT-2025-49838

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

Amazon Linux 2 : nmap (ALAS-2023-2333)

The version of nmap installed on the remote host is prior to 6.40-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2333 advisory. Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application...

Low: nmap

Issue Overview: Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service. CVE-2018-15173 Affected Packages: nmap Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

MITM_Intercept - A Little Bit Less Hackish Way To Intercept And Modify non-HTTP Protocols Through Burp And Others

A little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others with SSL and TLS interception support. This tool is for researchers and applicative penetration testers that perform thick clients security assesments. An improved version of the fantastic mitmrelay...

Digi RealPort has an unspecified vulnerability

Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol.A security vulnerability exists in Digi RealPort that could be exploited by an attacker to...

Advisory ROSA-SA-2021-1931

Software: nmap 6.40 OS: Cobalt 7.9 CVE-ID: CVE-2018-15173 CVE-Crit: HIGH CVE-DESC: Nmap through 7.70, when the -sV parameter is used, allows remote attackers to cause a denial of service stack consumption and application failure via a TCP-based service created. CVE-STATUS: default CVE-REV: defaul...

SUSE: Security Advisory (SUSE-SU-2019:1286-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : nmap (EulerOS-SA-2020-2373)

According to the version of the nmap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a...

EulerOS 2.0 SP3 : nmap (EulerOS-SA-2020-2147)

According to the version of the nmap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a...

CVE-2020-24574

The client aka GalaxyClientService.exe in GOG GALAXY through 2.0.41 as of 12:58 AM Eastern, 9/26/21 allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can inject a DLL into...

Exploit for Improper Input Validation in Microsoft

KB4569509: Guidance for DNS Server Vulnerability CVE-2020-135...

EulerOS Virtualization 3.0.6.0 : nmap (EulerOS-SA-2020-1781)

According to the version of the nmap package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application...

EulerOS 2.0 SP5 : nmap (EulerOS-SA-2020-1610)

According to the version of the nmap packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a...

Denial Of Service (DoS)

Nmap is vulnerable to Denial of Service DoS. When the -sV option is used, it allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

Huawei EulerOS: Security Advisory for nmap (EulerOS-SA-2020-1081)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.5.0 : nmap (EulerOS-SA-2020-1081)

According to the version of the nmap package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and...

CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

CVE-2019-18792

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...

FreeSWITCH mod_event_socket Service Detection

A FreeSWITCH modeventsocket service is running at this host. modeventsocket is a TCP-based interface to control FreeSWITCH. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...