15 results (0.015 seconds)

CVSS: 7.1EPSS: 2%CPEs: 2049EXPL: 0

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 0

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. ip_input.c en implementaciones de TCP/IP derivadas de BSD permiten a atacantes remotos causar una denegación de servicio (cuelgue o caída) mediante paquetes artesanales. • http://www.openbsd.org/errata23.html#tcpfix http://www.osvdb.org/5707 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. • http://www.osvdb.org/908 https://exchange.xforce.ibmcloud.com/vulnerabilities/1389 • CWE-476: NULL Pointer Dereference •

CVSS: 10.0EPSS: 2%CPEs: 10EXPL: 2

Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. • https://www.exploit-db.com/exploits/19096 ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I http://www.ciac.org/ciac/bulletins/j-006.shtml http://www.securityfocus.com/bid/121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 9%CPEs: 76EXPL: 2

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. • https://www.exploit-db.com/exploits/19111 https://www.exploit-db.com/exploits/19112 ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180 http://www.securityfocus.com/bid/134 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083 •