exploit the possibilities
Showing 1 - 21 of 21 RSS Feed

CVE-2011-3188

Status Candidate

Overview

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Related Files

HP Security Bulletin HPSBGN02970
Posted Mar 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02970 - Potential vulnerabilities have been identified with HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-2182, CVE-2011-2213, CVE-2011-2492, CVE-2011-2518, CVE-2011-2689, CVE-2011-2723, CVE-2011-3188, CVE-2011-4077, CVE-2011-4110, CVE-2012-0058, CVE-2012-0879, CVE-2012-1088, CVE-2012-1179, CVE-2012-2137, CVE-2012-2313, CVE-2012-2372, CVE-2012-2373, CVE-2012-2375, CVE-2012-2383, CVE-2012-2384, CVE-2013-6205, CVE-2013-6206
SHA-256 | e25777250b7eb57ebcfad065c189fe97acfb1a87cb7e94b581d8e42eebdd57b0
VMware Security Advisory 2012-0013
Posted Sep 1, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0013 - VMware has updated several third party libraries in vSphere and vcOps to address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2010-2761, CVE-2010-4180, CVE-2010-4252, CVE-2010-4410, CVE-2011-0014, CVE-2011-1020, CVE-2011-1089, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2699, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-3597, CVE-2011-4108, CVE-2011-4109, CVE-2011-4110, CVE-2011-4128, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2011-4576, CVE-2011-4577, CVE-2011-4609
SHA-256 | ab37b6926b046653acdeeef66e7c85ba
Red Hat Security Advisory 2012-0010-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0010-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. The way fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload functionality on were handled could allow a remote attacker to cause a denial of service.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-2494, CVE-2011-2723, CVE-2011-2898, CVE-2011-3188, CVE-2011-3191, CVE-2011-3353, CVE-2011-3359, CVE-2011-3363, CVE-2011-3637, CVE-2011-4081, CVE-2011-4110, CVE-2011-4132, CVE-2011-4326
SHA-256 | 557893d6076de010f89965257f12c763df4474c60b2d096db7dea8c57ede5c1e
Red Hat Security Advisory 2011-1465-01
Posted Nov 23, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. A signedness issue was found in the Linux kernel's CIFS implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-1577, CVE-2011-2494, CVE-2011-2699, CVE-2011-2905, CVE-2011-3188, CVE-2011-3191, CVE-2011-3353, CVE-2011-3359, CVE-2011-3363, CVE-2011-3593, CVE-2011-4326
SHA-256 | 3990f24ba89403137d83736fa4eb71c4dde3b75f9f53a5c4bd3900576ad8c927
Ubuntu Security Notice USN-1253-1
Posted Nov 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1253-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1833, CVE-2011-2494, CVE-2011-2495, CVE-2011-2497, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 500dc3b4a945636f97bf2e47879fe76c35bb56044546ce1c830a4bcfd79e5365
Red Hat Security Advisory 2011-1419-01
Posted Nov 2, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1419-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were generated could allow a man-in-the-middle attacker to inject packets and possibly hijack connections. Protocol sequence numbers and fragment IDs are now more random. A flaw was found in the Linux kernel's clock implementation on 32-bit, SMP systems. A local, unprivileged user could use this flaw to cause a divide error fault, resulting in a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2011-3188, CVE-2011-3209
SHA-256 | 9fd2340c96e708295de471c97e645a41584ac05ff9ebae5e3262fe5257680537
Red Hat Security Advisory 2011-1408-01
Posted Oct 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1408-01 - An updated rhev-hypervisor package that fixes several security issues is now available. The RHBA-2011:1254 update introduced a regression in the Linux kernel's Ethernet bridge implementation. If a system had an interface in a bridge, and an attacker on the local network could send packets to that interface, they could cause a denial of service on that system. A flaw in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. GRO is enabled by default in all network drivers that support it. Various other issues have also been addressed.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723, CVE-2011-2942, CVE-2011-3188, CVE-2011-3347
SHA-256 | eaa751b6a72414e3c2ff93e3ab04ec5a934c18a66c443d19e1becc9cd0e9a109
Ubuntu Security Notice USN-1246-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1246-1 - Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP requests. If a system was using Bluetooth, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2213, CVE-2011-2497, CVE-2011-2695, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | cf11a06c88404689f3315bfbc23864bb0580bd1f90eb5d3cfcb5f38c2c2438a0
Ubuntu Security Notice USN-1245-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1245-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1833, CVE-2011-2494, CVE-2011-2495, CVE-2011-2497, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 6c2fdc6fb88de2201319a3a2c820b9ee501477683f43a26fc633346bfd7e0794
Ubuntu Security Notice USN-1243-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1479, CVE-2011-2494, CVE-2011-2495, CVE-2011-2695, CVE-2011-2905, CVE-2011-2909, CVE-2011-3188, CVE-2011-3363
SHA-256 | 17f248b3931a988aad14812534c1789db9fb19d3669e1520b000fb81fd5b0df9
Ubuntu Security Notice USN-1242-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1242-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-1479, CVE-2011-2494, CVE-2011-2495, CVE-2011-2695, CVE-2011-2905, CVE-2011-2909, CVE-2011-3188, CVE-2011-3363, CVE-2010-4250
SHA-256 | 544731c1bb12667fa7a9b5b5b16ac0871a169440d284556042daf2acc1e9a8f4
Ubuntu Security Notice USN-1241-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1241-1 - It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, protocol
systems | linux, ubuntu
advisories | CVE-2011-1573, CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2695, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191, CVE-2011-3363
SHA-256 | 34637add57bb1c47bb725041cb1273223d64aa46133511754d889d306943b525
Ubuntu Security Notice USN-1240-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1240-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1833, CVE-2011-2494, CVE-2011-2495, CVE-2011-2497, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 7bb5696fdf28788ddf1a181d26c0746a318f35d21e90975dc7a17a6248fbbf34
Ubuntu Security Notice USN-1239-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1239-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1833, CVE-2011-2494, CVE-2011-2495, CVE-2011-2497, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | a8d44e1d2d7d40338fc3f73c81b91d2690ae35010e30a9837bab689992f33bd1
Ubuntu Security Notice USN-1236-1
Posted Oct 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1236-1 - It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Various other issues were also addressed.

tags | advisory, remote, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2009-4067, CVE-2011-1573, CVE-2011-2494, CVE-2011-2495, CVE-2011-3188
SHA-256 | b0bddf24cb995158c0eba5cfbdda2ed4a77f0705cd513bca55d2c0b412b0ac28
Red Hat Security Advisory 2011-1386-01
Posted Oct 20, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1386-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The maximum file offset handling for ext4 file systems could allow a local, unprivileged user to cause a denial of service. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. Various other issues in the kernel have also been addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2009-4067, CVE-2011-1160, CVE-2011-1585, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2695, CVE-2011-2699, CVE-2011-2723, CVE-2011-2942, CVE-2011-3131, CVE-2011-3188, CVE-2011-3191, CVE-2011-3209, CVE-2011-3347
SHA-256 | a292c5086756cbebf4c05054f127313991d1329a2c63d6296b2aa08d6948fc72
Ubuntu Security Notice USN-1228-1
Posted Oct 12, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1228-1 - Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-1776, CVE-2011-2213, CVE-2011-2497, CVE-2011-2695, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 7a796facfbdbd4810efed8d348e53d29c7acf6784437937e622860655741e4f6
Ubuntu Security Notice USN-1220-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1220-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2497, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 381cb500bd82528a730aee301d5df2fea4835c168a78a002069bcb53da18ca72
Debian Security Advisory 2310-1
Posted Sep 23, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2310-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-4067, CVE-2011-0712, CVE-2011-1020, CVE-2011-2209, CVE-2011-2211, CVE-2011-2213, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2525, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 0ade6375df4fb18e4bf4cc0f6541e056556cbe078ca3ef9db083dea13e260836
Debian Security Advisory 2303-2
Posted Sep 11, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2303-2 - The linux-2.6 and user-mode-linux upgrades from DSA-2303-1 has caused a regression that can result in an oops during invalid accesses to /proc/<pid>/maps files.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1020, CVE-2011-1576, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2700, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2918, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 5e72a6c97cffe3e5d4480641de2e9dd75b8941004f9b3efb715136b76b23e635
Debian Security Advisory 2303-1
Posted Sep 9, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2303-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2011-1020, CVE-2011-1576, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2700, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2918, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 72d50088cc453629042c1d2a8fe39ec8d1f2442c069a5c04c5bf02d848669ad6
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close