Ruggedcom Rox Ii Firmware Security Vulnerabilities and Issues — Ruggedcom Rox Ii Firmware CVE List

Lucene search

SiemensRuggedcom Rox Ii Firmware

5 matches found

CVE•added 2018/09/06 9:29 p.m.•637 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS

CVE•added 2018/02/19 1:29 p.m.•148 views

CVE-2018-5379

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code.

9.8CVSS9.5AI score0.15491EPSS

CVE•added 2018/02/19 1:29 p.m.•92 views

CVE-2018-5381

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAF...

7.5CVSS8.1AI score0.10093EPSS

CVE•added 2018/02/19 1:29 p.m.•78 views

CVE-2018-5380

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.

4.3CVSS6.5AI score0.01402EPSS

CVE•added 2015/08/03 1:59 a.m.•47 views

CVE-2015-5537

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.

4.3CVSS4.5AI score0.94196EPSS