what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

BlackNurse Spoofed ICMP Denial Of Service Proof Of Concept
Posted Nov 15, 2016
Authored by Todor Donev

Blacknurse is a low bandwidth ICMP attack that is capable of doing denial of service to well known firewalls. Most ICMP attacks that we see are based on ICMP Type 8 Code 0 also called a ping flood attack. BlackNurse is based on ICMP with Type 3 Code 3 packets. We know that when a user has allowed ICMP Type 3 Code 3 to outside interfaces, the BlackNurse attack becomes highly effective even at low bandwidth. Low bandwidth is in this case around 15-18 Mbit/s. This is to achieve the volume of packets needed which is around 40 to 50K packets per second. It does not matter if you have a 1 Gbit/s Internet connection. The impact we see on different firewalls is typically high CPU loads. When an attack is ongoing, users from the LAN side will no longer be able to send/receive traffic to/from the Internet. All firewalls we have seen recover when the attack stops. Various firewalls such as Cisco ASA 5515/5525/5550/5515-X, Fortigate, SonicWall, and more are affected.

tags | exploit, denial of service
systems | cisco
MD5 | 1ce5fd54e281243721b63900ac937de9

Related Files

ciscos.c
Posted Dec 31, 2004
Authored by Okiwan

Ciscos.c v1.3 scans class A, B, and C networks for cisco routers which have telnet open and have not changed the default password from cisco.

systems | cisco
MD5 | c8d0bd0b1965c7973a76097d542488d6
Cisco Security Advisory 20040420-tcp-nonios
Posted Apr 22, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Multiple non-IOS based Cisco products are susceptible to the TCP vulnerability that allows an attacker easier exploitation of reseting an established connection. All Cisco products which contain a TCP stack are susceptible to this vulnerability. Huge list included.

tags | advisory, tcp
systems | cisco
advisories | CVE-2004-0230
MD5 | ab5fb916f6cb82da579a4d6ff70daf27
Cisco Security Advisory 20040407-username
Posted Apr 8, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 2004040 - A default username/password pair is present in all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software. A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround.

tags | advisory
systems | cisco
MD5 | c7046e6dc8988f3f60d0365243991618
Cisco Security Advisory 20040408-vpnsm
Posted Apr 8, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040408 - A malformed Internet Key Exchange (IKE) packet may cause the Cisco Catalyst 6500 Series Switch or the Cisco 7600 Series Internet Router hardware, with the VPNSM installed, to crash and reload.

tags | advisory
systems | cisco
MD5 | a138dc472b2634d83c967d5f833aefc9
Cisco Security Advisory 20040317-openssl
Posted Mar 17, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040317 - A new vulnerability in the OpenSSL implementation for SSL has been announced. An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2004-0079, CVE-2004-0112
MD5 | 3cb01c70770abc69086b0bdd50e675bf
Cisco Security Advisory 20040304-css
Posted Mar 4, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040304 - The CSS 11000 Series Content Services Switches are vulnerable to a Denial of Service (DoS) attack caused by malformed UDP packets received over the management port.

tags | advisory, denial of service, udp
systems | cisco
MD5 | 0619fc1931e714e7cd9119cc7849e470
Cisco Security Advisory 20040219-ONS
Posted Feb 19, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040219 - Multiple vulnerabilities exist in the Cisco ONS 15327 Edge Optical Transport Platform, the Cisco ONS 15454 Optical Transport Platform, the Cisco ONS 15454 SDH Multiplexer Platform, and the Cisco ONS 15600 Multiservice Switching Platform. With one vulnerability, the TFTP service on UDP port 69 is enabled by default to allow both GET and PUT commands to be executed without any authentication. Another allows for an ACK Denial of Service (DoS) attack on TCP port 1080. Another involves telnet, where access to the underlying VxWorks operating system, by default, is restricted to Superusers only. Due to this vulnerability, a superuser whose account is locked out, disabled, or suspended is still able to login into the VxWorks shell, using their previously configured password.

tags | advisory, denial of service, shell, udp, tcp, vulnerability
systems | cisco
MD5 | 96bc846820392450c6ac3399ed0d1c81
Cisco Security Advisory 20040203-cat6k
Posted Feb 3, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040203 - A layer 2 frame that is encapsulating a layer 3 packet (IP, IPX, etc.) may cause Cisco 6000/6500/7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) that have a FlexWAN or Optical Services Module (OSM) or that run 12.1(8b)E14 to freeze or reset, if the actual length of this frame is inconsistent with the length of the encapsulated layer 3 packet. This vulnerability may be exploited repeatedly causing a denial of service.

tags | advisory, denial of service
systems | cisco
MD5 | a1a156571248abb6fe9d2ec43ddb609b
Cisco Security Advisory 20040129-ms03-049
Posted Jan 30, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040129 - Cisco has released an advisory dictating that their products that make use of the Microsoft Workstation service may be susceptible to attack.

tags | advisory
systems | cisco
MD5 | 4ec43b01c38f4a077c94274af5b4e085
Cisco Security Advisory 20040121-voice
Posted Jan 21, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040124 - The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in secure state without requiring an upgrade.

tags | advisory, remote, denial of service, vulnerability
systems | cisco
MD5 | 06bcc673a931ec89c195327e70216404
Cisco Security Advisory 20040113-h323
Posted Jan 13, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040113 - Multiple Cisco products contain vulnerabilities in the processing of H.323 messages, which are typically used in Voice over Internet Protocol (VoIP) or multimedia applications. All Cisco products running IOS software, Cisco CallManager versions 3.0 through 3.3, Cisco Conference Connection (CCC), Cisco Internet Service Node (ISN), Cisco BTS 10200 Softswitch, Cisco 7905 IP Phone H.323 Software Version 1.00, and Cisco ATA 18x series products running H.323/SIP loads with versions earlier than 2.16.1 are all susceptible to attack.

tags | advisory, vulnerability, protocol
systems | cisco
MD5 | 3f930aab76ae440b9ce862cab24c1e11
Cisco Security Advisory 20040108-pa
Posted Jan 8, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040108 - The Cisco Personal Assistant may permit unauthorized access to user configurations via the web interface. Once basic access is granted, normally disallowed user preferences and configurations can be manipulated.

tags | advisory, web
systems | cisco
MD5 | 8d70fd37409828ec876b8b14c0a4b30b
Cisco Security Advisory 20031210-ACNS-auth
Posted Dec 15, 2003
Authored by Cisco Systems | Site cisco.com

Cisco ACNS software prior to 4.2.11 or 5.0.5 contain a remotely exploitable buffer overflow which is triggered by a long password. Affected devices include Content Routers 4400 series, Content Distribution Manager 4600 series, Content Engine 500 and 7300 series, and Content Engine Module for Cisco Routers 2600, 3600 and 3700 series. Workaround is to disable the CE GUI with the command "no gui-server enable".

tags | overflow
systems | cisco
MD5 | 93625507bb30da8fc0ac7d3d633671b7
Cisco Security Advisory 20031202-SNMP-trap
Posted Dec 3, 2003
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20031202 - Cisco Aironet Access Points (AP) running Cisco IOS software will send any static Wired Equivalent Privacy (WEP) key in the cleartext to the Simple Network Management Protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. Cisco Aironet 1100, 1200, and 1400 series are affected, but the command is disabled by default.

tags | protocol
systems | cisco
MD5 | 65518f0742d4bd46b464f831a968adf3
ciscoLEAP.txt
Posted Oct 3, 2003
Authored by Evol

Writing describing the short comings of Cisco's LEAP authentication used on their wireless access points and how to score root on them.

tags | paper, root
systems | cisco
MD5 | bcf6a5675f0080ac019286e703d133c6
ciscodos.pl
Posted Aug 10, 2003
Authored by deadbeat

Remote denial of service exploit for the Cisco CSS 11000 Series.

tags | exploit, remote, denial of service
systems | cisco
MD5 | fd1172b357f5184e5985b355b0690ccd
CiscoCasumEst.tgz
Posted Aug 10, 2003
Authored by FX | Site phenoelit.de

Cisco IOS 12.x/11.x remote exploit for the HTTP integer overflow using a malformed HTTP GET request and two gigabytes of data.

tags | exploit, remote, web, overflow
systems | cisco
MD5 | c9ac23b2148d2852017b34f6302f570b
ciscoHTTP.txt
Posted Jul 29, 2003
Authored by Cisco Systems PSIRT

Cisco Security Advisory - Sending a malformed URL to the Cisco Aironet AP1x00 can cause the device to reload resulting in a denial of service.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2003-0511
MD5 | 8b9769d31f0d581d3b0ae51da7b56204
ciscodos.sh
Posted Jul 21, 2003
Authored by Zerash

Remote exploit that causes a denial of service against Cisco IOS versions 11.x through 12.x using hping.

tags | exploit, remote, denial of service
systems | cisco
MD5 | 5b4d3da440603ada84738a3464e28b7e
cisco-bug-44020.tar.gz
Posted Jul 21, 2003
Authored by Martin Kluge

Remote exploit that causes a denial of service against Cisco IOS versions 11.x through 12.x.

tags | exploit, remote, denial of service
systems | cisco
MD5 | 1221af8aa6ac91916c03e6b599441b55
ciscoIPv4.txt
Posted Jul 18, 2003
Authored by Cisco Systems PSIRT | Site cisco.com

Cisco Security Advisory: Cisco routers and switches running the IOS software are vulnerable to a denial of service attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full.

tags | advisory, denial of service
systems | cisco
MD5 | 494aa21fabcd6eea29e1ec140e0746f3
ciscoCatOS.txt
Posted Jul 11, 2003
Authored by Cisco Systems PSIRT | Site cisco.com

Cisco Security Advisory: After receiving eight TCP connection attempts using a non-standard TCP flags combination, a Catalyst switch will stop responding to further TCP connections to that particular service. In order to re-establish functionality of that service, the switch must be rebooted. CatOS for the following models is affected: 4000 Series including models 2948G and 2980G/2980G-A, 5000 Series including models 2901, 2902 and 2926, and the 6000.

tags | advisory, tcp
systems | cisco
MD5 | 4defc521fe49f9063479c9a5e13d6a65
ciscoVPN3000.txt
Posted May 8, 2003
Authored by Cisco Systems PSIRT | Site cisco.com

Cisco Security Advisory: Multiple vulnerabilities have been found in the Cisco VPN 3000 Concentrator series which includes models 3005, 3015, 3030, 3060, 3080 and the Cisco VPN 3002 Hardware Client. The enabling IPSec over TCP, malformed SSH initialization packet, and malformed ICMP traffic vulnerabilities are discussed.

tags | advisory, tcp, vulnerability
systems | cisco
MD5 | 2871da229ac3afe1c329311dc949412e
cisco-pass.txt
Posted Apr 25, 2003

Cisco Security Advisory: Cisco Catalyst software permits unauthorized access to the enable mode in the 7.5(1) release. Once initial access is granted, access can be obtained for the higher level "enable" mode without a password. This

tags | advisory
systems | cisco
MD5 | ed65a75f9c215c3ed65426ae5f12726a
CiscoACS.txt
Posted Apr 24, 2003
Site cisco.com

Cisco Security Advisory - Cisco Secure ACS for Windows is vulnerable to a buffer overflow on the administration service which runs on TCP port 2002. Exploitation of this vulnerability results in a Denial of Service, and can potentially result in system administrator access. Cisco Secure ACS versions up to and including version 2.6.4 , 3.0.3, and 3.1.1 are affected by this vulnerability.

tags | advisory, denial of service, overflow, tcp
systems | cisco, windows
MD5 | 657c211471c31a5ea9d1f739db0a8ccd
Page 1 of 4
Back1234Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close