73 matches found
openSUSE Security Update : quagga (openSUSE-2017-551)
This update for quagga to version 1.1.1 fixes the following issues : This security issue was fixed : - CVE-2017-5495: Quagga was vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are...
Quagga VTY Interface Denial of Service (CVE-2017-5495)
A denial-of-service vulnerability has been discovered in Quagga. The vulnerability is due to an input validation error in the Quagga VTY service. A remote attacker can exploit this vulnerability by sending data without a newline character to a Quagga daemon's VTY interface...
CVE-2017-5495
CVE-2017-5495 affects Quagga 0.93–1.1.0, where the telnet vty CLI input buffer can grow without bound when no newline is entered. This unbounded memory allocation allows a remote attacker who can connect to the Quagga telnet ports (often exposed locally) to cause Denial-of-Service to Quagga daemo...
UBUNTU-CVE-2017-5495
All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP port...
Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability
A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptio...
Cisco IOS Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability (cisco-sa-20150923-sshpk)
A vulnerability in the SSH version 2 SSHv2 protocol implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to bypass user authentication. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...
Huawei Switches Permission Control Privilege Escalation (HWPSIRT-2015-08048)
The remote Huawei switch is affected by a privilege escalation vulnerability related to improper interaction of user permissions when Authentication, Authorization, and Accounting AAA are enabled for permission control on the switch. An authenticated, remote attacker can exploit this to access th...
Security Advisory - Permission Control Vulnerability in Some Huawei Switches
Some Huawei switches have a permission control vulnerability. If a switch enables Authentication, Authorization and Accounting AAA for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal VTY access permission, resulting in privilege...
Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability
A vulnerability in the SSH version 2 SSHv2 protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configure...
Cisco IOS XR SSH Link Termination Denial of Service Vulnerability
Cisco IOS XR is a member of the Cisco IOS software family and uses a microkernel-based distribution operating system architecture. A security vulnerability in Cisco IOS XR SSH handling allows a remote authenticated user to disconnect the SSH link making the vty unstable and subsequent SSH or Teln...
CVE-2015-4195
Cisco IOS XR 5.1.1.K9SEC is affected by CVE-2015-4195 where an authenticated remote attacker can trigger a denial of service by crafting an SSH disconnect action, making the vty inaccessible and causing SSH/Telnet outages. The root cause is an error in SSH disconnect handling. Cisco has published...
Cisco IOS XR SSH Disconnect Error Denial of Service Vulnerability
A vulnerability in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to an error that could occur in the affected software when an SSH connection is disconnected from an affected device. An authenticated, remot...
Cisco IOS Bind Shellcode 1.0
No description provided by source. ---------------------------------------------------------------------------------------- Cisco IOS Bind shellcode v1.0 c 2007 IRM Plc By Varun Uppal ---------------------------------------------------------------------------------------- The code creates a new...
CVE-2012-5036
Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...
Code injection
Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...
CVE-2012-5036
Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...
CVE-2013-6979
The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227...
CVE-2013-6979
CVE-2013-6979 affects Cisco IOS XE 03.02.xxSE and 03.03.xxSE. The VTY authentication check relies on the Linux-IOS internal-network config, allowing an unauthenticated, remote attacker to bypass authentication if their source address is in 192.168.x.2 and they have IP connectivity to the device. ...
CVE-2013-6979
The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227...
AIX 710000 : U833038
The remote host is missing AIX PTF U833038 which is related to the security of the package devices.vdevice.vty-server.rte.7.1.0.15 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...