2004-08-18
|
CVE-2004-0230
|
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
|
Junos, Network_data_loss_prevention, Windows_2000, Windows_98, Windows_98se, Windows_server_2003, Windows_xp, Netbsd, Openpgp, Solaris, Openserver, Unixware
|
N/A
|
|
|
1997-12-01
|
CVE-1999-0016
|
Land IP denial of service.
|
Ios, Inet, Hp\-Ux, Windows_95, Windows_nt, Winsock, Netbsd, Sunos
|
N/A
|
|
|
2006-11-29
|
CVE-2006-6165
|
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment
|
Freebsd, Netbsd
|
N/A
|
|
|
2014-10-15
|
CVE-2014-3566
|
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
|
Mac_os_x, Debian_linux, Fedora, Aix, Vios, Mageia, Netbsd, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Openssl, Opensuse, Database, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_desktop_supplementary, Enterprise_linux_server, Enterprise_linux_server_supplementary, Enterprise_linux_workstation, Enterprise_linux_workstation_supplementary
|
3.4
|
|
|
2021-05-11
|
CVE-2020-26139
|
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
|
C\-100_firmware, C\-110_firmware, C\-120_firmware, C\-130_firmware, C\-200_firmware, C\-230_firmware, C\-235_firmware, C\-250_firmware, C\-260_firmware, C\-65_firmware, C\-75_firmware, O\-105_firmware, O\-90_firmware, W\-118_firmware, W\-68_firmware, 1100\-4p_firmware, 1100\-8p_firmware, 1100_firmware, 1101\-4p_firmware, 1109\-2p_firmware, 1109\-4p_firmware, Aironet_1532_firmware, Aironet_1542d_firmware, Aironet_1542i_firmware, Aironet_1552_firmware, Aironet_1552h_firmware, Aironet_1572_firmware, Aironet_1702_firmware, Aironet_1800_firmware, Aironet_1800i_firmware, Aironet_1810_firmware, Aironet_1810w_firmware, Aironet_1815_firmware, Aironet_1815i_firmware, Aironet_1832_firmware, Aironet_1842_firmware, Aironet_1852_firmware, Aironet_2702_firmware, Aironet_2800_firmware, Aironet_2800e_firmware, Aironet_2800i_firmware, Aironet_3702_firmware, Aironet_3800_firmware, Aironet_3800e_firmware, Aironet_3800i_firmware, Aironet_3800p_firmware, Aironet_4800_firmware, Aironet_ap803_firmware, Aironet_iw3702_firmware, Catalyst_9105_firmware, Catalyst_9105axi_firmware, Catalyst_9105axw_firmware, Catalyst_9115_ap_firmware, Catalyst_9115_firmware, Catalyst_9115axe_firmware, Catalyst_9115axi_firmware, Catalyst_9117_ap_firmware, Catalyst_9117_firmware, Catalyst_9117axi_firmware, Catalyst_9120_ap_firmware, Catalyst_9120_firmware, Catalyst_9120axe_firmware, Catalyst_9120axi_firmware, Catalyst_9120axp_firmware, Catalyst_9124_firmware, Catalyst_9124axd_firmware, Catalyst_9124axi_firmware, Catalyst_9130_ap_firmware, Catalyst_9130_firmware, Catalyst_9130axe_firmware, Catalyst_9130axi_firmware, Catalyst_iw6300_ac_firmware, Catalyst_iw6300_dc_firmware, Catalyst_iw6300_dcw_firmware, Catalyst_iw6300_firmware, Esw6300_firmware, Ip_phone_6861_firmware, Ip_phone_8821_firmware, Ip_phone_8832_firmware, Ip_phone_8861_firmware, Ip_phone_8865_firmware, Ir829\-2lte\-Ea\-Ak9_firmware, Ir829\-2lte\-Ea\-Bk9_firmware, Ir829\-2lte\-Ea\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Ck9_firmware, Ir829gw\-Lte\-Ga\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Sk9_firmware, Ir829gw\-Lte\-Ga\-Zk9_firmware, Ir829gw\-Lte\-Na\-Ak9_firmware, Ir829gw\-Lte\-Vz\-Ak9_firmware, Meraki_gr10_firmware, Meraki_gr60_firmware, Meraki_mr12_firmware, Meraki_mr20_firmware, Meraki_mr26_firmware, Meraki_mr30h_firmware, Meraki_mr32_firmware, Meraki_mr33_firmware, Meraki_mr34_firmware, Meraki_mr36_firmware, Meraki_mr42_firmware, Meraki_mr42e_firmware, Meraki_mr44_firmware, Meraki_mr45_firmware, Meraki_mr46_firmware, Meraki_mr46e_firmware, Meraki_mr52_firmware, Meraki_mr53_firmware, Meraki_mr53e_firmware, Meraki_mr55_firmware, Meraki_mr56_firmware, Meraki_mr62_firmware, Meraki_mr66_firmware, Meraki_mr70_firmware, Meraki_mr72_firmware, Meraki_mr74_firmware, Meraki_mr76_firmware, Meraki_mr84_firmware, Meraki_mr86_firmware, Meraki_mx64w_firmware, Meraki_mx65w_firmware, Meraki_mx67cw_firmware, Meraki_mx67w_firmware, Meraki_mx68cw_firmware, Meraki_mx68w_firmware, Meraki_z3_firmware, Meraki_z3c_firmware, Webex_board_55_firmware, Webex_board_55s_firmware, Webex_board_70_firmware, Webex_board_70s_firmware, Webex_board_85s_firmware, Webex_dx70_firmware, Webex_dx80_firmware, Webex_room_55_dual_firmware, Webex_room_55_firmware, Webex_room_70_dual_firmware, Webex_room_70_dual_g2_firmware, Webex_room_70_firmware, Webex_room_70_single_firmware, Webex_room_70_single_g2_firmware, Webex_room_kit_firmware, Webex_room_kit_mini_firmware, Debian_linux, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9560_firmware, Killer_ac_1550_firmware, Killer_wi\-Fi_6_ax1650_firmware, Killer_wi\-Fi_6e_ax1675_firmware, Proset_ac_3165_firmware, Proset_ac_3168_firmware, Proset_ac_8260_firmware, Proset_ac_8265_firmware, Proset_ac_9260_firmware, Proset_ac_9461_firmware, Proset_ac_9462_firmware, Proset_ac_9560_firmware, Proset_wi\-Fi_6_ax200_firmware, Proset_wi\-Fi_6_ax201_firmware, Proset_wi\-Fi_6e_ax210_firmware, Proset_wireless_7265_\(Rev_d\)_firmware, Wi\-Fi_6_ax200_firmware, Wi\-Fi_6_ax201_firmware, Netbsd
|
5.3
|
|
|
2021-12-25
|
CVE-2021-45484
|
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
|
Netbsd
|
7.5
|
|
|
2021-12-25
|
CVE-2021-45487
|
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
|
Netbsd
|
7.5
|
|
|
2021-12-25
|
CVE-2021-45488
|
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
|
Netbsd
|
7.5
|
|
|
2021-12-25
|
CVE-2021-45489
|
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
|
Netbsd
|
7.5
|
|
|
2024-07-01
|
CVE-2024-6387
|
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
|
Linux_2023, Ubuntu_linux, Debian_linux, Freebsd, E\-Series_santricity_os_controller, Ontap_select_deploy_administration_utility, Ontap_tools, Netbsd, Openssh, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_arm_64_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Openshift_container_platform, Linux_enterprise_micro
|
8.1
|
|
|