Lucene search
+L

73 matches found

Tenable Nessus
Tenable Nessus
added 2017/05/09 12:0 a.m.48 views

openSUSE Security Update : quagga (openSUSE-2017-551)

This update for quagga to version 1.1.1 fixes the following issues : This security issue was fixed : - CVE-2017-5495: Quagga was vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are...

7.8CVSS7.3AI score0.18803EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2017/04/03 12:0 a.m.6 views

Quagga VTY Interface Denial of Service (CVE-2017-5495)

A denial-of-service vulnerability has been discovered in Quagga. The vulnerability is due to an input validation error in the Quagga VTY service. A remote attacker can exploit this vulnerability by sending data without a newline character to a Quagga daemon's VTY interface...

7.8CVSS4AI score0.18803EPSS
Exploits0
CVE
CVE
added 2017/01/24 7:40 a.m.152 views

CVE-2017-5495

CVE-2017-5495 affects Quagga 0.93–1.1.0, where the telnet vty CLI input buffer can grow without bound when no newline is entered. This unbounded memory allocation allows a remote attacker who can connect to the Quagga telnet ports (often exposed locally) to cause Denial-of-Service to Quagga daemo...

7.8CVSS7.3AI score0.18803EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/01/24 12:0 a.m.2 views

UBUNTU-CVE-2017-5495

All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with their telnet CLI enabled, anyone who can connect to the TCP port...

7.5CVSS7.1AI score0.18803EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2016/10/14 12:0 a.m.37 views

Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptio...

5.9CVSS5.8AI score0.01221EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/05/03 12:0 a.m.23 views

Cisco IOS Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability (cisco-sa-20150923-sshpk)

A vulnerability in the SSH version 2 SSHv2 protocol implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to bypass user authentication. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

9.3CVSS5.4AI score0.04388EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/03/01 12:0 a.m.21 views

Huawei Switches Permission Control Privilege Escalation (HWPSIRT-2015-08048)

The remote Huawei switch is affected by a privilege escalation vulnerability related to improper interaction of user permissions when Authentication, Authorization, and Accounting AAA are enabled for permission control on the switch. An authenticated, remote attacker can exploit this to access th...

5.6AI score
Exploits0References1
Huawei
Huawei
added 2016/02/17 12:0 a.m.29 views

Security Advisory - Permission Control Vulnerability in Some Huawei Switches

Some Huawei switches have a permission control vulnerability. If a switch enables Authentication, Authorization and Accounting AAA for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal VTY access permission, resulting in privilege...

7.5CVSS7.6AI score0.00789EPSS
Exploits0Affected Software6
Cisco
Cisco
added 2015/09/23 4:0 p.m.60 views

Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability

A vulnerability in the SSH version 2 SSHv2 protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configure...

9.3CVSS6.7AI score0.04388EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/23 12:0 a.m.3 views

Cisco IOS XR SSH Link Termination Denial of Service Vulnerability

Cisco IOS XR is a member of the Cisco IOS software family and uses a microkernel-based distribution operating system architecture. A security vulnerability in Cisco IOS XR SSH handling allows a remote authenticated user to disconnect the SSH link making the vty unstable and subsequent SSH or Teln...

4CVSS6.8AI score0.01647EPSS
Exploits0References1
CVE
CVE
added 2015/06/19 1:0 a.m.46 views

CVE-2015-4195

Cisco IOS XR 5.1.1.K9SEC is affected by CVE-2015-4195 where an authenticated remote attacker can trigger a denial of service by crafting an SSH disconnect action, making the vty inaccessible and causing SSH/Telnet outages. The root cause is an error in SSH disconnect handling. Cisco has published...

4CVSS6.4AI score0.01647EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2015/06/18 1:50 p.m.30 views

Cisco IOS XR SSH Disconnect Error Denial of Service Vulnerability

A vulnerability in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to an error that could occur in the affected software when an SSH connection is disconnected from an affected device. An authenticated, remot...

4CVSS6.4AI score0.01647EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.121 views

Cisco IOS Bind Shellcode 1.0

No description provided by source. ---------------------------------------------------------------------------------------- Cisco IOS Bind shellcode v1.0 c 2007 IRM Plc By Varun Uppal ---------------------------------------------------------------------------------------- The code creates a new...

7.1AI score
Exploits0
NVD
NVD
added 2014/04/23 11:52 a.m.18 views

CVE-2012-5036

Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...

6.8CVSS6.2AI score0.0107EPSS
Exploits0References1
Prion
Prion
added 2014/04/23 11:52 a.m.27 views

Code injection

Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...

6.8CVSS6.7AI score0.0107EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/04/23 10:0 a.m.25 views

CVE-2012-5036

Cisco IOS before 12.250SY1 allows remote authenticated users to cause a denial of service memory consumption via a sequence of VTY management sessions aka exec sessions, aka Bug ID CSCtn43662...

6.2AI score0.0107EPSS
Exploits0References1
NVD
NVD
added 2013/12/23 10:55 p.m.21 views

CVE-2013-6979

The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227...

5.4CVSS6.9AI score0.03602EPSS
Exploits0References5
CVE
CVE
added 2013/12/23 10:0 p.m.56 views

CVE-2013-6979

CVE-2013-6979 affects Cisco IOS XE 03.02.xxSE and 03.03.xxSE. The VTY authentication check relies on the Linux-IOS internal-network config, allowing an unauthenticated, remote attacker to bypass authentication if their source address is in 192.168.x.2 and they have IP connectivity to the device. ...

5.4CVSS7.1AI score0.03602EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/12/23 10:0 p.m.23 views

CVE-2013-6979

The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227...

6.9AI score0.03602EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2011/05/17 12:0 a.m.14 views

AIX 710000 : U833038

The remote host is missing AIX PTF U833038 which is related to the security of the package devices.vdevice.vty-server.rte.7.1.0.15 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

5.5AI score
Exploits0
Rows per page
Query Builder