Lucene search
K

22 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In the tcpdisconnect function, the tcpsksk-fastopenrsk field was not cleared. The syzbot reported that a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. The syzbot reused the server-side TCP Fast Open socket as a new...

7.8CVSS6.4AI score0.00144EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:49 a.m.6 views

OESA-2026-2076 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot...

9.8CVSS5.6AI score0.00488EPSS
Exploits0References7
Slackware Linux
Slackware Linux
added 2025/11/19 11:35 p.m.9 views

[slackware-security] openvpn

New openvpn packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openvpn-2.6.16-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix memcmp check for the hmac verification in the...

8.2CVSS6.9AI score0.00621EPSS
Exploits0
FreeBSD
FreeBSD
added 2025/10/27 12:0 a.m.8 views

OpenVPN -- HMAC verification on source IP address ineffective

Arne Schwabe reports: Fix memcmp check for the hmac verification in the 3way handshake being inverted This is a stupid mistake but causes all hmac cookies to be accepted, thus breaking source IP address validation. As a consequence, TLS sessions can be openend and state can be consumed in the...

8.2CVSS6.9AI score0.00621EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.4 views

SUSE CVE-2007-4103

The IAX2 channel driver chaniax2 in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service resource exhaustion via a flood of calls that do not...

7.8CVSS6.9AI score0.05943EPSS
Exploits0References3
OSV
OSV
added 2021/12/16 5:15 a.m.27 views

CVE-2021-45098

An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...

7.5CVSS6.7AI score
Exploits0References5
Prion
Prion
added 2021/12/16 5:15 a.m.19 views

Design/Logic Flaw

An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...

5CVSS7.5AI score0.01824EPSS
Exploits1References4Affected Software2
Debian CVE
Debian CVE
added 2021/12/16 4:7 a.m.26 views

CVE-2021-45098

An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...

7.5CVSS7.5AI score0.01824EPSS
Exploits1
Akamai Blog
Akamai Blog
added 2021/09/21 1:0 p.m.14 views

What Is a TCP Three-Way Handshake?

The TCP three-way handshake is one of the critical building blocks of the internet. It facilitates the smooth and consistent flow of information across and among different networks without compromising security...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2016/05/09 12:0 a.m.60 views

Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability

A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device. The vulnerability is due to improper handling of certain crafted packet sequences used in establishing ...

7.8CVSS9.5AI score0.03807EPSS
Exploits0References6
CNVD
CNVD
added 2015/11/13 12:0 a.m.5 views

Microsoft Windows Schannel TLS Three Times Handshake Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Microsoft Schannel or Secure Channel is one of the Security Support Providers SSPs that implements the Secure Socket Layer SSL and Transport Layer Security TLS protocols and provides authentication...

5.8CVSS6.6AI score0.02812EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/03 12:0 a.m.92 views

Cisco IOS Software TCP Memory Leak DoS (cisco-sa-20150325-tcpleak)

According to its self-reported version, the Cisco IOS software running on the remote device is affected by a memory leak issue in the TCP input module when establishing a three-way handshake. An unauthenticated, remote attacker can exploit this issue, via specially crafted TCP packets, to consume...

7.8CVSS7.7AI score0.03807EPSS
Exploits0References3
Cisco
Cisco
added 2015/03/25 4:0 p.m.63 views

Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability

A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device. The vulnerability is due to improper handling of certain crafted packet sequences used in establishing ...

7.8CVSS6.5AI score0.03807EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/01/28 12:0 a.m.150 views

Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Advisory ID: cisco-sa-20110126-csg2 http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml Revision 1.0 For Public Release 2011 January 26 1600 UTC GMT...

7.8CVSS1.1AI score0.04086EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.27 views

Cisco IOS Software TCP Denial of Service Vulnerability - Cisco Systems

Cisco IOS Software Release, 15.12T is affected by a denial of service DoS vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these states could consume system...

7.8CVSS5.6AI score0.0177EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2009/09/07 12:0 a.m.190 views

SOL10509 - Sockstress DoS tool vulnerability CVE-2008-4609

Sockstress DoS tool CVE-2008-4609. The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate...

7.1CVSS9.3AI score0.32123EPSS
Exploits1
OSV
OSV
added 2008/04/23 4:5 p.m.3 views

DEBIAN-CVE-2008-1897

The IAX2 channel driver chaniax2 in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow...

4.3CVSS6.9AI score0.02743EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2008/04/23 12:0 a.m.4 views

PT-2008-3425 · Digium +1 · Appliance Developer Kit +4

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 1.0.x through 1.2.27 and versions 1.4.x through 1.4.18 Asterisk Business Edition versions A.x.x through B.2.5.1 and versions C.x.x through C.1.8.0 AsteriskNOW versions prior to 1.0.3 Appliance Developer Kit...

4.3CVSS6.3AI score0.02743EPSS
Exploits1References31
OSV
OSV
added 2007/07/31 10:17 a.m.4 views

DEBIAN-CVE-2007-4103

The IAX2 channel driver chaniax2 in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service resource exhaustion via a flood of calls that do not...

7.5CVSS6.9AI score0.05943EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2007/07/31 12:0 a.m.6 views

PT-2007-5305 · Digium · Asterisk Appliance Developer Kit +1

Name of the Vulnerable Software and Affected Versions: Asterisk Open versions 1.2.x through 1.2.22 Asterisk Open versions 1.4.x through 1.4.8 Asterisk Appliance Developer Kit versions prior to 0.6.0 Description: The issue allows remote attackers to cause a denial of service, resulting in resource...

7.8CVSS7.5AI score0.05943EPSS
Exploits0References15
Rows per page
Query Builder