79 matches found
CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...
Design/Logic Flaw
In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...
CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors during a UDP read, causing the receive loop to terminate. This can allow an attacker to disrupt a RIOT MQTT-SN client by sending a large packet, preventing operation until the device is restarted. (CVE-2019-17389)
Remote Code Execution (RCE)
log4j is vulnerable to remote code execution RCE. A malicious user can pass a malicious binary to the system that when deserialized, executes arbitrary code. This only affects applications that are using the TCP socket server or the UDP socket server to receive log events from another application...
Code injection
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code...
CVE-2017-5645
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code...
MobaXterm Personal Edition 9.4 Path Traversal
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: ===================== mobaxterm.mobatek.net Product: ===============================...
Fedora 22 : qemu-2.3.1-7.fc22 (2015-d5c1048b47)
CVE-2015-7295: virtio-net possible remote DoS bz 1264393 drive-mirror: Fix coroutine reentrance bz 1266936 Fix udp socket 'localaddr' bz 1268708 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
LBreakOut2 2.x Login Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8021/info It has been reported that lbreakout2 is vulnerable to a format string issue in the login component. This may result in an attacker executing arbitrary code on a vulnerable host. / lbreakout2-2.5+: remote format...
Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2011-1380)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1380 advisory. 1:1.6.0.0-1.40.1.9.10 - Resolves: rhbz744788 - Bumped to IcedTea6 1.9.8 -removed font copying Security fixes - S7000600, CVE-2011-3547: InputStream...
RHEL 6 : java-1.6.0-ibm (RHSA-2012:0034)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0034 advisory. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes...
OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...
RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:1380)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1380 advisory. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java R...
Null pointer dereference
The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...
CVE-2009-2698
The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...
RHEL 5 : kernel (RHSA-2009:1222)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1222 advisory. - kernel: uninit op in SOCKOPSWRAP leads to privesc CVE-2009-2692 - kernel: udp socket NULL ptr dereference CVE-2009-2698 Note that Nessus h...
WengoPhone 2.x SIP Phone Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================= WengoPhone 2.x SIP Phone Remote Denial of Service Exploit ========================================================= /main.cpp/ include include using namespace std; ifdef WIN32 include prag...
3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Remote Overflow
3Com TFTP Service 3CTftpSvc 2.0.1 - Long Transporting Mode Remote Overflow 3comtftpdxpsp2.rb Copyright C cthulhu This is a poc intended to exploit the 3Com TFTP Service version 2.0.1 long transporting mode buffer overflow under xp sp2 english Vulnerability discovered by Liu Qixu Usage : ruby...
Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)
Exploit for linux platform in category remote exploits =============================================================== Snort hey xwings 03:07 why don't you come up and see me sometime? Tested on : Linux debian24 2.4.27-2-386 1 Mon May 16 16:47:51 JST 2005 i686 GNU/Linux gcc version 3.3.5 Debian...