227 matches found
Stack overflow
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
UBUNTU-CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgplabel.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
OPENSUSE-SU-2023:0267-1 Security update for tcpreplay
This update for tcpreplay fixes the following issues: Update to 4.4.4: overflow check fix for parsempls. tcpreplay-edit: prevent L2 flooding of ipv6 unicast packets. CVE-2023-27786: bugs caused by strtokr. boo1209416 CVE-2023-27783 reachable assert in tcpeditdltcleanup boo1209413 reachable assert...
FreeBSD -- Wi-Fi encryption bypass
Problem Description: The net80211 subsystem would fallback to the multicast key for unicast traffic in the event the unicast key was removed. This would result in buffered unicast traffic being exposed to any stations with access to the multicast key. Impact: As described in the "Framing Frames:...
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
DEBIAN-CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
Design/Logic Flaw
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
CVE-2023-3748 Inifinite loop in babld message parsing may cause dos
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
CVE-2023-3748
CVE-2023-3748 affects FRRouting (FRR) where parsing of certain babeld unicast hello messages that are intended to be ignored can be abused by sending crafted Hello messages with the unicast flag set, the interval field as 0, or a TLV containing a sub‑TLV with the Mandatory flag. This can enter an...
CVE-2023-3748 Inifinite loop in babld message parsing may cause dos
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
PT-2023-9209 · Frrouting +4 · Frrouting +4
Name of the Vulnerable Software and Affected Versions: FRRouting affected versions not specified Description: A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages...
SUSE CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory...
PT-2023-9206 · Frrouting +9 · Frrouting +9
Name of the Vulnerable Software and Affected Versions: FRRouting versions prior to 8.5 Description: The issue is related to the bgpd/bgp label.c file in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This can be exploited by a remote attacker to cau...
K16844: Multicast DNS vulnerability VU#550620
Security Advisory Description Multicast DNS implementations may respond to unicast queries that originate from sources outside of the local link network. Such responses may disclose information about network devices or be used in denial-of-service DoS amplification attacks. VU550620 Impact None. ...
SUSE CVE-2009-0758
The originatesfromlocallegacyunicastsocket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service network bandwidth and CPU consumpti...
SUSE CVE-2010-2522
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message...
SUSE CVE-2011-3605
The processrs function in the router advertisement daemon radvd before 1.8.2, when UnicastOnly is enabled, allows remote attackers to cause a denial of service temporary service hang via a large number of NDROUTERSOLICIT requests...