SA45654 - Multiple OpenSSL Vulnerabilities in Layer 2 network filtering capabilities

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple vulnerabilities were discovered with respect to Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0...

PT-2022-4863 · Cisco · Cisco Ios +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the implementation of the Ethernet encapsulation protocol, specifically concerning the combination of headers. This could allow ...

PT-2022-9876 · Ieee +1 · 802.2 +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows Layer 2 network filtering capabilities, such as IPv6 RA guard, to be bypassed. This can be achieved by using specific combinations of VLAN 0 headers, LLC/SNAP...

PT-2022-9878 · Ieee +1 · 802.2 +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows Layer 2 network filtering capabilities, such as IPv6 RA guard, to be bypassed. This can be achieved by utilizing LLC/SNAP headers with...

DEBIAN-CVE-2004-1096

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system...

CVE-2004-0936

CVE-2004-0936 refers to a ZIP header manipulation vulnerability affecting anti-virus engines (notably RAV) where both local and global ZIP headers can be set to zero, allowing a compressed file to bypass protection and still be opened. The connected sources describe a proof-of-concept and public ...