networking software vulnerabilities
vulnerabilities.aspcode.net
Searching networking software vulnerabilities
The OSI networking kernel (sys/netiso) in NetBS
networking
|
kernel
|
OSI
|
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
Multiple vulnerabilities in the H.323 protocol
vulnerabilities
|
implementation
|
Communications
|
Networks
|
Business
|
Multiple
|
protocol
|
Manager
|
Nortel
|
H323
|
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Unknown vulnerability in the bsd.a kernel netwo
vulnerability
|
networking
|
Unknown
|
kernel
|
IRIX
|
bsda
|
SGI
|
Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.
The built-in web servers for multiple networkin
networking
|
attribute
|
sensitive
|
plaintext
|
sessions
|
multiple
|
built-in
|
servers
|
cookies
|
devices
|
session
|
Secure
|
server
|
cause
|
agent
|
those
|
which
|
HTTPS
|
could
|
over
|
same
|
HTTP
|
user
|
send
|
not
|
web
|
set
|
The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.
The TCP/IP Networking component in Mac OS X bef
Networking
|
component
|
before
|
TCP/IP
|
Mac
|
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Cisco devices running Application and Content N
Application
|
Networking
|
Content
|
devices
|
running
|
System
|
Cisco
|
Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection."
The RealServer RealSubscriber on Cisco devices
RealSubscriber
|
Application
|
Networking
|
RealServer
|
Content
|
devices
|
running
|
System
|
Cisco
|
The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets.
Cisco devices running Application and Content N
Application
|
Networking
|
Content
|
devices
|
running
|
System
|
Cisco
|
Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets.
Cisco devices running Application and Content N
Application
|
Networking
|
Content
|
devices
|
running
|
System
|
Cisco
|
Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.
Cisco devices running Application and Content N
Application
|
Networking
|
Content
|
devices
|
running
|
System
|
Cisco
|
Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access.
Heap-based buffer overflow in the NAT networkin
Workstation
|
networking
|
components
|
Heap-based
|
vmnet-natd
|
vmnatexe
|
overflow
|
buffer
|
Server
|
VMWare
|
ACE
|
NAT
|
GSX
|
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
Control cards for Cisco Optical Networking Syst
Networking
|
Optical
|
Control
|
System
|
cards
|
Cisco
|
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before Wednesday, April 05, 2006 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.
Control cards for Cisco Optical Networking Syst
Networking
|
Optical
|
Control
|
System
|
cards
|
Cisco
|
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before Wednesday, April 05, 2006 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558.
The installation of Cisco Transport Controller
installation
|
Controller
|
Transport
|
Cisco
|
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.
The Web User Interface in Xerox WorkCentre and
WorkCentre
|
Interface
|
before
|
Xerox
|
User
|
Web
|
Pro
|
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.
Cisco VPN Client on Windows before 4.8.02.0010
Windows
|
before
|
Client
|
Cisco
|
VPN
|
Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box.
The get_system_info command in Ignite-UX C.7.0
get_system_info
|
DynRootDisk
|
Ignite-UX
|
through
|
command
|
C73
|
C70
|
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
SQL injection vulnerability in profile/myprofil
profile/myprofilephp
|
vulnerability
|
psi-labscom
|
networking
|
injection
|
script
|
social
|
SQL
|
SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter.
Software vulnerabilities results 1 to 19 of 19
Page:
1