Searching protocol software vulnerabilities

An attacker can identify a CISCO device by send

identify | attacker | sending | packet | device | CISCO | port | can | SYN |

An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).


The ARP protocol allows any host to spoof ARP r

spoofing | protocol | conduct | replies | service | address | denial | poison | allows | spoof | cache | host | ARP | any |

The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.


The authentication protocol in Timbuktu Pro 2.0

authentication | connections | attackers | protocol | Timbuktu | service | denial | allows | 20b650 | remote | cause | port | Pro | via |

The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.


The Citrix ICA (Independent Computing Architect

Citrix | ICA |

The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.


Buffer overflow in AnalogX proxy server 4.04 an

overflow | AnalogX | server | Buffer | proxy |

Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol.


Buffer overflow in AnalogX proxy server 4.04 an

overflow | AnalogX | server | Buffer | proxy |

Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long HELO command in the SMTP protocol.


Buffer overflow in AnalogX proxy server 4.04 an

overflow | AnalogX | server | Buffer | proxy |

Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the POP3 protocol.


Buffer overflow in the HTTP protocol parser for

Microsoft | protocol | overflow | Network | Monitor | Buffer | parser | HTTP |

Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote attackers to execute arbitrary commands via malformed data, aka the "Netmon Protocol Parsing" vulnerability.


Remote Data Protocol (RDP) version 5.0 in Micro

Protocol | Remote | Data |

Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol."


The STP protocol, as enabled in Linux 2.4.x, do

sufficient | attackers | topology | security | protocol | provide | enabled | allows | design | bridge | modify | which | Linux | does | 24x | not | STP |

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.


Buffer overflow in the get_msg_text of chan_sip

get_msg_text | Initiation | chan_sipc | Protocol | overflow | Session | Buffer |

Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.


Multiple vulnerabilities in the H.323 protocol

vulnerabilities | implementation | demonstrated | NISCC/OUSPG | attackers | arbitrary | possibly | protocol | Multiple | service | execute | through | denial | remote | PROTOS | suite | cause | Cisco | allow | H225 | test | 113T | 122T | code | H323 | IOS |

Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.


Multiple vulnerabilities in the H.323 protocol

vulnerabilities | implementation | Communications | Networks | Business | Multiple | protocol | Manager | Nortel | H323 |

Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.


Ethereal 0.10.1 to 0.10.2 allows remote attacke

Ethereal |

Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.


Buffer overflow in the MSN protocol plugins (1)

protocol | overflow | plugins | Buffer | MSN |

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.


Multiple vulnerabilities in the H.323 protocol

vulnerabilities | implementation | Communications | protocol | Multiple | Virtual | Express | Click | First | H323 | Meet |

Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.


The affix_sock_register in the Affix Bluetooth

affix_sock_register | privileges | Bluetooth | negative | Protocol | socket | index | array | which | value | Linux | Stack | Affix | might | local | users | allow | used | gain | call | via |

The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index.


Distributed Transaction Controller in Microsoft

Transaction | Distributed | Controller | Microsoft | servers | service | Windows | denial | allows | remote | cause |

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality.


The IRC protocol dissector in Ethereal 0.10.13

dissector | Ethereal | protocol | IRC |

The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).


BEA WebLogic Server and WebLogic Express 8.1 SP

weblogicDeployer | Administration | connection | attackers | protocol | WebLogic | Express | command | earlier | enabled | remote | secure | Server | sniff | using | might | allow | which | port | does | even | SP6 | SP4 | BEA | t3s | use | not |

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to sniff the connection.


Software vulnerabilities results 1 to 20 of 258     
Page: 12345...13