RSS   Vulnerabilities for 'Netbsd current'   RSS

2008-10-20
 
CVE-2008-4609

CWE-noinfo
 

 
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

 
2008-03-13
 
CVE-2008-1335

CWE-DesignError
 

 
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.

 

 >>> Vendor: Netbsd 5 Products
Netbsd
Umapfs
FTPD
Netbsd current
Tnftpd


Copyright 2019, cxsecurity.com

 

Back to Top