Page 7 of 34 results (0.007 seconds)

CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0

The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. La implementación OSPF en routers BROCADE no considera la posibilidad de valores Link State ID duplicados en paquetes Link State Advertisement (LSA) antes de ejecutar operaciones en la base de datos LSA, lo cual permite a atacantes causar denegación de servicio (interrupción del enrutado) u obtener información sensible de los paquetes a través de paquetes LSA manipulados, un problema relacionado con CVE-2013-0149. • http://www.kb.cert.org/vuls/id/229804 http://www.kb.cert.org/vuls/id/BLUU-98MS25 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet. Switches Brocade BigIron RX permiten a atacantes remotos eludir las reglas ACL mediante el uso del puerto 179 como el origen de un paquete. • http://osvdb.org/73869 http://secunia.com/advisories/45217 http://www.kb.cert.org/vuls/id/853246 http://www.securityfocus.com/bid/48663 https://exchange.xforce.ibmcloud.com/vulnerabilities/68535 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors. El kernel empotrado de Linux en ciertos conmutadores Sun-Brocade SilkWorm anteriores al 20070516 no manejan correctamente la situación cuando un usuario no administrador (root) crea un proceso de kernel, lo que permite a los atacantes provocar una denegación de servicio (reinicio de los oops y de los dispositivos) a través de vectores sin especificar. • http://osvdb.org/39117 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102752-1 http://www.securityfocus.com/bid/24036 https://exchange.xforce.ibmcloud.com/vulnerabilities/34495 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 17EXPL: 0

Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. • http://marc.info/?l=bugtraq&m=109435831811484&w=2 http://secunia.com/advisories/12464 http://www.securityfocus.com/bid/11108 https://exchange.xforce.ibmcloud.com/vulnerabilities/17290 •