29 matches found
EUVD-2020-9464
Malware in sbrugna...
EUVD-2021-18310
Malware in sbrugna...
EUVD-2024-52827
Malicious code in bioql PyPI...
SUSE CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
DEBIAN-CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
UBUNTU-CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629
CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55629 Suricata generic detection bypass using TCP urgent support
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
RHEL 6 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
RHEL 5 : open-iscsi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Open-iSCSI: invalid handing of the TCP urgent data pointer CVE-2020-17437 - An issue was discovered in...
telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
A vulnerability was found where incorrect bounds checks in the telnet server’s telnetd handling of short writes and urgent data, could lead to information disclosure and corruption of heap data. An unauthenticated remote attacker could exploit these bugs by sending specially crafted telnet packet...
USN-5048-2 inetutils vulnerability
USN-5048-1 fixed a vulnerability in Inetutils for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding fixes for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes ...
USN-5048-1 inetutils vulnerability
It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...
CVE-2021-31400
An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...
Design/Logic Flaw
An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...
Contiki Buffer Overflow Vulnerability
Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. Contiki suffers from a buffer overflow vulnerability that stems from not performing integrity checks on the value of the urgent data pointer, allowing an attacker to corrupt memory ...