protocols software vulnerabilities
vulnerabilities.aspcode.net
Searching protocols software vulnerabilities
Snort 1.6, when running in straight ASCII packe
attackers
|
straight
|
selected
|
service
|
decoded
|
logging
|
running
|
allows
|
denial
|
remote
|
packet
|
cause
|
Snort
|
ASCII
|
mode
|
IDS
|
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.
The SSH protocols 1 and 2 (aka SSH-2) as implem
protocols
|
SSH
|
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
TCP, when using a large Window Size, makes it e
attackers
|
sequence
|
numbers
|
service
|
remote
|
denial
|
easier
|
Window
|
large
|
cause
|
using
|
guess
|
makes
|
Size
|
TCP
|
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
Mulitple buffer overflows in (1) http.c, (2) ht
overflows
|
Mulitple
|
buffer
|
Mulitple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
Cisco NAC allows quarantined devices to communi
quarantined
|
communicate
|
devices
|
network
|
allows
|
Cisco
|
over
|
NAC
|
Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.
Cisco PIX 500 and ASA 5500 Series Security Appl
Cisco
|
PIX
|
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets.
Heap-based buffer overflow in Cerulean Studios
Heap-based
|
Cerulean
|
Trillian
|
overflow
|
Studios
|
before
|
buffer
|
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
The Sun Admin Console in Sun Application Server
configuration
|
persistently
|
Application
|
changes
|
certain
|
Console
|
causes
|
Server
|
apply
|
Admin
|
90_01
|
which
|
does
|
Sun
|
not
|
The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy.
Software vulnerabilities results 1 to 9 of 9
Page:
1