route software vulnerabilities
vulnerabilities.aspcode.net
Searching route software vulnerabilities
Cisco routers 9.17 and earlier allow remote att
routers
|
Cisco
|
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
Cisco IOS 9.1 and earlier does not properly han
"established"
|
attackers
|
properly
|
extended
|
keyword
|
earlier
|
filters
|
enabled
|
access
|
handle
|
bypass
|
could
|
allow
|
which
|
lists
|
Cisco
|
route
|
cache
|
does
|
set
|
IOS
|
not
|
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
Vulnerability in Cisco routers versions 8.2 thr
"established"
|
Vulnerability
|
interfaces
|
attackers
|
versions
|
extended
|
through
|
control
|
keyword
|
certain
|
routers
|
enabled
|
remote
|
allows
|
access
|
bypass
|
cache
|
lists
|
Cisco
|
route
|
uses
|
used
|
list
|
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
Novell BorderManager 3.5 with PAT (Port-Address
BorderManager
|
Novell
|
PAT
|
Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.
The route cache implementation in Linux 2.4, an
implementation
|
Netfilter
|
conntrack
|
attackers
|
service
|
remote
|
denial
|
allows
|
module
|
cache
|
route
|
Linux
|
cause
|
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
Enterasys XSR-1800 series Security Routers, whe
Enterasys
|
Security
|
firmware
|
XSR-1800
|
running
|
Routers
|
series
|
Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set.
Unknown vulnerability in the systems message qu
vulnerability
|
51B-2/PK4
|
service
|
through
|
message
|
systems
|
Unknown
|
denial
|
allows
|
local
|
cause
|
users
|
Tru64
|
queue
|
Unix
|
40F
|
PK8
|
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
The fib_seq_start function in fib_hash.c in Lin
fib_seq_start
|
fib_hashc
|
function
|
service
|
denial
|
allows
|
kernel
|
Linux
|
cause
|
local
|
users
|
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
The rose_rt_ioctl function in rose_route.c for
rose_rt_ioctl
|
rose_routec
|
Environment
|
Radionet
|
function
|
Source
|
Open
|
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats.
Linux kernel before 2.6.15.3 down to 2.6.12, wh
before
|
kernel
|
Linux
|
Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
Unspecified vulnerability in (1) Tor 0.1.0.x be
vulnerability
|
Unspecified
|
Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.
BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 doe
authorization
|
unauthorized
|
activities
|
malformed
|
attackers
|
AquaLogic
|
back-end
|
messages
|
services
|
properly
|
requests
|
policies
|
conduct
|
Service
|
request
|
bypass
|
reject
|
remote
|
other
|
route
|
which
|
proxy
|
allow
|
might
|
does
|
BEA
|
Bus
|
not
|
BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities.
Multiple buffer overflows in the ISO network pr
NetBSD-current
|
overflows
|
protocol
|
40_BETA2
|
Multiple
|
through
|
support
|
network
|
before
|
buffer
|
kernel
|
NetBSD
|
ISO
|
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before Thursday, March 29, 2007, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function.
The IPv6 protocol allows remote attackers to ca
attackers
|
protocol
|
service
|
headers
|
crafted
|
denial
|
allows
|
remote
|
route
|
cause
|
IPv6
|
type
|
via
|
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
Software vulnerabilities results 1 to 15 of 15
Page:
1