42 matches found
CVE-2018-15473
OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7: the server returns different responses for invalid authentication attempts, allowing valid usernames to be enumerated, because it does not delay bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...
CVE-2016-10708
OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...
CVE-2020-1971
CVE-2020-1971 is described across multiple connected sources as a NULL-dereference in OpenSSL’s GENERAL_NAME_cmp when EDIPARTYNAME is present, potentially enabling a denial-of-service crash. Affected OpenSSL versions include all 1.1.1 and 1.0.2 lines; fixes are published in OpenSSL 1.1.1i and Ope...
CVE-2020-11868
NTP vulnerability CVE-2020-11868 affects ntpd in ntp (before 4.2.8p14 and 4.3.x before 4.3.100). An off-path attacker can block unauthenticated synchronization by sending a server-mode packet with a spoofed source IP, because transmissions can be rescheduled even when the origin timestamp is inva...
CVE-2020-13817
CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...
CVE-2019-8936
CVE-2019-8936 concerns NTP (ntpd) up to version 4.2.8p12. The vulnerability arises from a NULL pointer dereference in mode 6 handling, which can cause ntpd to crash and thus a denial of service. Public documents describe authenticated-mode mode-6 packet exploitation and a crash vector, with multi...
CVE-2015-7871
CVE-2015-7871 is an authentication-bypass vulnerability in ntpd caused by handling of crypto-NAK packets. A remote, unauthenticated attacker could force ntpd to peer with attacker-controlled time sources, bypassing authentication and potentially tampering time data. Affected series include NTP 4....
CVE-2016-8610
CVE-2016-8610 is a denial-of-service flaw in OpenSSL affecting TLS/SSL alert packet processing during handshakes. The issue exists in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0, enabling a remote attacker to cause high CPU usage and denial of service by sending many alert messages. Con...
CVE-2018-18066
Net-SNMP CVE-2018-18066 is a NULL pointer dereference in snmp_oid_compare() within snmplib/snmp_api.c, affecting Net-SNMP versions before 5.8. An unauthenticated remote attacker can crash the agent by sending a crafted UDP packet, enabling a Denial of Service. Affected product scope includes Net-...
CVE-2018-18065
CVE-2018-18065 affects Net-SNMP before 5.8. The vulnerability is a NULL pointer dereference in _set_key within agent/helpers/table_container.c, which an authenticated attacker can exploit by sending a crafted UDP packet to remotely crash the SNMP service (DoS). Documented CVSS v3 base score is 6....
CVE-2015-7853
CVE-2015-7853 affects the refclock driver in ntpd (NTP) with the datalen parameter: in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77, a negative datalen value can overflow a data buffer, enabling remote attackers to execute arbitrary code or cause a crash. Concrete details across connected adv...
CVE-2015-7705
CVE-2015-7705 describes a DoS vulnerability in NTP’s rate-limiting: remote attackers can cause a client to delay/stop querying time sources by sending forged Kiss-of-Death messages. Affected are NTPd 4.x before 4.2.8p4 and 4.3.x before 4.3.77; multiple vendors (e.g., F5 BIG-IP, Debian, Arista/EOS...
CVE-2015-7704
CVE-2015-7704 describes a denial-of-service in ntpd caused by handling of Kiss-of-Death (KoD) messages. The issue arises from KoD processing that could delay or stop querying time sources. Affected software: ntpd in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77. Impact: unauthenticated remot...
CVE-2015-7691
CVE-2015-7691 affects ntpd’s crypto_xmit handling in NTP 4.2.x (before 4.2.8p4) and 4.3.x (before 4.3.77). The flaw arises from incomplete validation of autokey operations in crafted packets, allowing a remote attacker to crash ntpd (denial of service). This is tied to an incomplete fix of CVE-20...
CVE-2016-2518
CVE-2016-2518 affects NTP ntpd: MATCH_ASSOC() can trigger an out-of-bounds reference when handling addpeer with a large hmode. Affected versions are ntpd before 4.2.8p9 and 4.3.x before 4.3.92. Impact is a potential crash/denial of service via crafted packets. Mitigation: upgrade to fixed release...
CVE-2015-7701
CVE-2015-7701 involves a memory leak in ntpd’s CRYPTO_ASSOC when autokey is enabled. Affected: ntpd in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. Impact: potential denial of service due to memory exhaustion. Remediation: upgrade to fixed ntp releases (e.g., 4.2.8p4+ or 4.3.77+); or disable...
CVE-2015-7692
CVE-2015-7692 affects ntpd (NTP) prior to 4.2.8p4 for 4.2.x and 4.3.77 for 4.3.x. The flaw is in the crypto_xmit function (ntp_crypto.c) and can cause remote DoS crashes. This entry notes it as a continuation of an incomplete fix for CVE-2014-9750. No specific patched versions are provided in the...
CVE-2015-7850
CVE-2015-7850 affects ntpd/NTP with remote configuration enabled; vulnerability caused by pointing the key file at the log file, leading to DoS (infinite loop or crash) and potentially large logs. Affected: ntpd in 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. Mitigation/remediation documented ac...
CVE-2015-7855
CVE-2015-7855 affects ntpd in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. The decodenetnum() function can assert-botch when processing mode 6 or mode 7 packets with an unusually long data value, enabling a remote attacker to cause ntpd to crash (denial of service). Public references indicat...
CVE-2015-7703
CVE-2015-7703: ntpd remote configuration feature exposes a file overwrite risk via the :config command when remote configuration is enabled and the attacker knows the configuration password. Affected: ntpd 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. Connected documents confirm this as a real vu...
CVE-2018-18605
CVE-2018-18605 affects GNU Binutils libbfd (BFD) where a heap-based buffer over-read occurs in sec_merge_hash_lookup during section merges when entsize does not divide the size. This can allow remote DoS via specially crafted ELF (as demonstrated by ld). Affected products reference Binutils 2.31;...
CVE-2015-7702
CVE-2015-7702 affects ntpd’s crypto_xmit implementation in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77, allowing remote attackers to crash ntpd (DoS). The issue stems from an incomplete fix for CVE-2014-9750. Public advisories note the vulnerability and that updates have been released (e.g.,...
CVE-2018-18607
CVE-2018-18607 is a NULL pointer dereference in elf_link_input_bfd (in GNU Binutils libbfd) when locating STT_TLS symbols without a TLS section. A crafted ELF can cause denial of service (DoS); impact is consistent with DoS in affected Binutils 2.31, including remote triggering via ld in demon...
CVE-2015-7852
CVE-2015-7852 is an off-by-one vulnerability in ntpq’s cookedprint() which can allow a crafted mode 6 packet to cause a buffer overflow and crash ntpd. Public references (Debian DSA-3388-1, CentOS advisories) confirm ntpq/cookedprint as the vulnerable component and describe a DoS via remote craft...
CVE-2018-18606
CVE-2018-18606 affects GNU Binutils (libbfd). The issue is a NULL pointer dereference in _bfd_add_merge_section during merging of sections with large alignments, enabling DoS via crafted ELF. Multiple vendors document this under Binutils remediation; confirmed fixes involve upgrading Binutils to ...
CVE-2015-7849
CVE-2015-7849 is a use-after-free vulnerability in ntpd (NTP) affecting 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. The available connected documents describe that remote authenticated users can potentially execute arbitrary code or cause a denial of service (crash) by sending crafted NTP packe...
CVE-2015-7854
CVE-2015-7854 is a memory corruption vulnerability in ntpd’s password management. A crafted key file can trigger a buffer overflow, potentially crashing the daemon or allowing arbitrary code execution by remote authenticated users. Affected are NTP 4.2.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77...
CVE-2021-26989
CVE-2021-26989 affects NetApp Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8. A remote authenticated attacker could cause a Denial of Service in clustered Data ONTAP configured for SMB access. Connected sources reiterate impacted versions and DoS impact; some advisor...
CVE-2019-5502
CVE-2019-5502 affects NetApp Data ONTAP (7-Mode) prior to version 8.2.5P3. The SMB component uses weak cryptography, enabling an unauthenticated remote attacker to potentially disclose sensitive information or add/modify data. The vulnerability is documented with CVSS metrics indicating high impa...
CVE-2021-26988
CVE-2021-26988 affects NetApp Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8. The issue allows unauthorized tenant users to discover information related to converting a 7-Mode directory to Cluster-mode, including SVM names, volume names, directory paths, and Job IDs....
CVE-2017-12859
Affected software: NetApp Data ONTAP 8.x.x (7-Mode in NFS environments) prior to 8.2.5. Vulnerability: remote denial of service via unspecified vectors; configured in 7-Mode NFS, exploitable by a remote attacker without authentication. Impact: denial of service; information on exploitation patter...
CVE-2018-5496
CVE-2018-5496 affects Data ONTAP in 7-Mode versions prior to 8.2.5P2, where a vulnerability allows disclosure of sensitive information to an unauthorized user. The available sources indicate this issue impacts those specific 7-Mode releases, but the documents do not provide additional technical d...
CVE-2016-6495
CVE-2016-6495 affects NetApp Data ONTAP prior to 8.2.4P5 when operated in 7-Mode. The vulnerability is an information-disclosure issue where remote attackers can obtain information about volumes configured for HTTP access. The available connected records corroborate an information-disclosure impa...
CVE-2015-7746
NetApp Data ONTAP operating in 7-Mode is affected in versions before 8.2.4. A remote attacker can bypass authentication and either obtain sensitive information from volumes or modify volumes via vectors related to UTF-8 in the volume language. This vulnerability is documented across multiple sour...
CVE-2015-8322
CVE-2015-8322 affects NetApp OnCommand System Manager 8.3.x prior to 8.3.2. The vulnerability allows remote authenticated users to execute arbitrary code via unspecified vectors. The connected documents do not specify the exact root cause, attack vectors, exploitation details, or affected subvers...
CVE-2016-3400
The CVE-2016-3400 issue affects NetApp Data ONTAP in 7-Mode (and related 8.1/8.2 lines). Vulnerable component is SMB protocol handling where SMB signing enforcement can fail, enabling man-in-the-middle attacks that may disclose sensitive data, elevate privileges, or cause a denial of service. IBM...
CVE-2019-5501
NetApp Data ONTAP (7-Mode) versions prior to 8.2.5P3 are affected by CVE-2019-5501, an information-disclosure vulnerability that can reveal sensitive LDAP account information to unauthenticated remote attackers. Details in the NVD entry and Nessus plugin confirm the affected product version range...
CVE-2015-7886
NetApp Data ONTAP before 8.2.4P1 is affected when 7-Mode and HTTP access are enabled. A remote attacker can obtain sensitive volume information via unspecified vectors. The vulnerability exists in versions prior to 8.2.4P1; mitigations include upgrading to 8.2.4P1 or later. The impact is informat...
CVE-2016-1895
NetApp Data ONTAP (clusters running before 8.2.5 or 8.3.x before 8.3.2P12) is affected by CVE-2016-1895. An authenticated remote attacker can cause a denial of service through unsafe handling of certain user input strings in the OS. The vulnerability’s root cause is related to input string proces...
CVE-2016-5374
Affected software: NetApp Data ONTAP 9.0 and 9.1 before 9.1P1. Vulnerability: improper handling of the owner_rights ACL entry allows remote authenticated users who own SMB-hosted data to bypass sharing restrictions. Impact: bypasses intended sharing controls; confidentiality, integrity, and av...
CVE-2019-5493
NetApp Data ONTAP (7-Mode) older than 8.2.5P3 is affected by an information-disclosure vulnerability (CVE-2019-5493) that requires multiple non-default options to be enabled and is exploitable by an unauthenticated remote attacker. The Nessus plugin ntap-20190801-0001 lists this CVE along with CV...
CVE-2008-3349
CVE-2008-3349 concerns multiple unspecified vulnerabilities in NetApp Data ONTAP (used on NetApp and IBM eServer platforms) that allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably due to insufficient access con...