switch s software vulnerabilities
vulnerabilities.aspcode.net
Searching switch s software vulnerabilities
Buffer overflow in IP-Switch IMail and Seattle
IP-Switch
|
packages
|
possibly
|
overflow
|
service
|
command
|
causing
|
Seattle
|
denial
|
access
|
Buffer
|
Slmail
|
remote
|
using
|
IMail
|
VRFY
|
Labs
|
long
|
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
NBase switches NH2012, NH2012R, NH2015, and NH2
configuration
|
attackers
|
password
|
disabled
|
switch's
|
switches
|
NH2012R
|
NH2012
|
modify
|
remote
|
allows
|
NH2048
|
NH2015
|
cannot
|
NBase
|
which
|
back
|
door
|
have
|
NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration.
NBase switches NH208 and NH215 run a TFTP serve
attackers
|
switches
|
software
|
service
|
updates
|
remote
|
denial
|
switch
|
modify
|
server
|
allows
|
cause
|
NH215
|
NH208
|
NBase
|
which
|
send
|
TFTP
|
run
|
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
Xylan OmniSwitch before 3.2.6 allows remote att
OmniSwitch
|
before
|
Xylan
|
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
Cisco Catalyst 2900XL switch allows a remote at
Catalyst
|
attacker
|
service
|
packet
|
create
|
denial
|
switch
|
2900XL
|
remote
|
allows
|
empty
|
Cisco
|
sent
|
port
|
via
|
UDP
|
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
HP Procurve Switch 4000M running firmware C.08.
management
|
attackers
|
disables
|
Procurve
|
firmware
|
address
|
service
|
running
|
denial
|
Switch
|
telnet
|
allows
|
remote
|
which
|
C0909
|
C0822
|
4000M
|
cause
|
port
|
scan
|
via
|
HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.
The web management interface for Cisco Content
management
|
interface
|
Content
|
Service
|
Switch
|
Cisco
|
web
|
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
HP ProCurve Switch 4000M C.07.23 allows remote
attackers
|
ProCurve
|
service
|
remote
|
denial
|
Switch
|
allows
|
4000M
|
C0723
|
cause
|
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
Buffer overflow in the switch_voice function in
switch_voice
|
function
|
jcabc2ps
|
overflow
|
parsec
|
Buffer
|
Buffer overflow in the switch_voice function in parse.c for jcabc2ps Thursday, September 02, 2004 allows remote attackers to execute arbitrary code via a crafted ABC file.
swnet.dll in YaSoft Switch Off 2.3 and earlier
attackers
|
swnetdll
|
earlier
|
service
|
remote
|
denial
|
Switch
|
YaSoft
|
allows
|
cause
|
Off
|
swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000).
Stack-based buffer overflow in swnet.dll in YaS
authenticated
|
Stack-based
|
actionhtm
|
arbitrary
|
parameter
|
overflow
|
swnetdll
|
execute
|
message
|
SendMsg
|
earlier
|
action
|
YaSoft
|
buffer
|
Switch
|
remote
|
allows
|
users
|
code
|
long
|
Off
|
via
|
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm.
im-switch before 11.4-46.1 in Fedora Core 2 all
imswitcher[PID]
|
overwrite
|
arbitrary
|
temporary
|
im-switch
|
114-461
|
symlink
|
Fedora
|
allows
|
before
|
attack
|
users
|
local
|
files
|
Core
|
file
|
via
|
im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file.
Race condition in Core Utilities (coreutils) 5.
Utilities
|
condition
|
Race
|
Core
|
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
config.php in Cacti 0.8.6e and earlier allows r
no_http_headers
|
information
|
addslashes
|
privileges
|
attackers
|
injection
|
configphp
|
session
|
attacks
|
conduct
|
earlier
|
disable
|
switch
|
remote
|
allows
|
modify
|
Cacti
|
then
|
gain
|
086e
|
SQL
|
set
|
use
|
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
Planet Technology Corp FGSW2402RS switch with f
privileges
|
FGSW2402RS
|
Technology
|
attackers
|
password
|
device's
|
physical
|
firmware
|
default
|
access
|
allows
|
Planet
|
switch
|
serial
|
which
|
gain
|
Corp
|
port
|
has
|
Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.
Cisco CSS 11500 Content Services Switch (CSS) w
Cisco
|
CSS
|
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.
3Com Baseline Switch 2848-SFP Plus Model #3C164
2848-SFP
|
firmware
|
#3C16486
|
Baseline
|
before
|
Switch
|
Model
|
3Com
|
Plus
|
3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attackers to cause a denial of service (unstable operation) via long DHCP packets.
The Allied Telesis AT-9000/24 Ethernet switch a
documentation
|
management
|
AT-9000/24
|
unexpected
|
arbitrary
|
locations
|
attackers
|
contrary
|
Ethernet
|
against
|
attacks
|
conduct
|
packets
|
accepts
|
Telesis
|
Allied
|
switch
|
allows
|
remote
|
VLANs
|
which
|
The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.
The Allied Telesis AT-9000/24 Ethernet switch h
unauthorized
|
AT-9000/24
|
attackers
|
"manager"
|
password
|
Ethernet
|
perform
|
Telesis
|
account
|
actions
|
default
|
allows
|
remote
|
switch
|
Allied
|
admin
|
which
|
has
|
its
|
The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions.
ieee80211_input.c in MadWifi before 0.9.3 does
ieee80211_inputc
|
MadWifi
|
before
|
ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change.
Software vulnerabilities results 1 to 20 of 48
Page:
1
2
3
►