Computer Security

Search:Vulnerability:21.04.2004
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Cisco SNMP DoS
Published:21.04.2004
Source:CERT
SecurityVulns ID:3629
Type:remote
Level:6/10
Description:Malformed packet can cause router to crash.
Affected:CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
Original documentdocumentCISCO, Cisco Security Advisory: Vulnerabilities in SNMP Message Processing (21.04.2004)
 documentCERT, US-CERT Technical Cyber Security Alert TA04-111B -- Cisco IOS SNMP Message Handling Vulnerability (21.04.2004)
Discuss:Read or add your comments to this news (0 comments)

Microsoft Exchange POP3 gateway Exchangepop3 buffer overflow
updated since 21.04.2004
Published:21.04.2004
Source:BUGTRAQ
SecurityVulns ID:3630
Type:remote
Level:5/10
Description:Buffer overflow in SMTP MAIL FROM command.
Affected:EXCHANGEPOP3 : Exchangepop3 5.0
Original documentdocumentsecurma massine, Exchangepop3 v5 rcpt buffer overflow vulnerability (03.02.2006)
Files:Exchange pop3 remote exploit
Discuss:Read or add your comments to this news (0 comments)

TCP RST packets spoofing
updated since 21.04.2004
Published:21.05.2004
Source:CERT
SecurityVulns ID:3628
Type:remote
Level:7/10
Description:By sending spoofed RST it's possible to terminate established TCP connection. unlike TPC hijacking attacks there is no need for exact TCP sequence number, and number can be any number from handshaked TCP window. It significantly increases attack efficiency. In NetBSD sequence number for RST is not checked at all, it makes it possible to terminate session with single packet.
Affected:CISCO : IOS 12.0
 CISCO : IOS 11.2
 CHECKPOINT : Firewall-1 NG
 CISCO : IOS 12.3
 CISCO : Catalist 1200
 CISCO : Catalist 2800
 CISCO : Catalist 3000
 CISCO : Catalist 4000
 CISCO : Catalist 6000
 CISCO : Cisco WS-6624
 CISCO : Cisco Aironet 350
 CISCO : Cisco ONS 15327
 CISCO : Cisco ONS 15454SDH
 INTERNICHE : NicheStack 2.0
 CISCO : PIX 6.2
 CISCO : PIX 6.3
 ISS : Proventia G
 ISS : Proventia M
 CISCO : Catalist 1900
 CISCO : Catalist 2900
 CISCO : Catalist 3900
 CISCO : Catalist 5000
 CISCO : Cisco MDS 9000
 CISCO : Cisco Aironet 340
 CISCO : Cisco Aironet 1200
 CISCO : Cisco ONS 15454
 CISCO : Cisco ONS 15600
 INTERNICHE : NicheLite 2.0
 NETBSD : NetBSD 2.0
 HP : ProCurve 9315M
 HP : ProCurve 9308M
 HP : ProCurve 9304M
 CHECKPOINT : Firewall-1 4.1
 CISCO : IOS 11.1
 CISCO : IOS 12.1
 CHECKPOINT : VPN-1 4.1
 NETBSD : NetBSD 1.5
 CISCO : IOS 11.3
 CISCO : IOS 12.2
 NETBSD : NetBSD 1.6
 CISCO : PIX 6.1
Original documentdocumentHP, [security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service (DoS) (21.05.2004)
 documentNETBSD, NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability (22.04.2004)
 documentCISCO, Cisco Security Advisory: TCP Vulnerabilities in Multiple Non-IOS-Based Cisco Products (21.04.2004)
 documentCISCO, Cisco Security Advisory: TCP Vulnerabilities in Multiple IOS Based Cisco Products (21.04.2004)
 documentCERT, US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP (21.04.2004)
Files:TCP Reset Spoofing Generic Exploits
 Transmission Control Protocol security considerations
 NISCC Vulnerability Advisory 236929 Vulnerability Issues in TCP
Discuss:Read or add your comments to this news (0 comments)

Cherokee formatstring bug
updated since 21.04.2004
Published:02.11.2004
Source:BUGTRAQ
SecurityVulns ID:3631
Type:remote
Level:5/10
Description:Format string bug on syslog() call and gile logging in NCSA format, cherokee_logger_ncsa_write_string().
Affected:0X50 : Cherokee 0.4
Original documentdocumentGENTOO, [ GLSA 200411-02 ] Cherokee: Format string vulnerability (02.11.2004)
 documentCoKi, Format String in Cherokee (21.04.2004)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru