Previous
IP Fragment Reassembly Vulnerability (Windows 2000)
Downloads The vulnerability would not allow a malicious user to compromise data on the machine or usurp administrative control. Machines protected by a proxy server or a firewall that drops fragmented packets would not be affected by this vulnerability.
[May 24, 2000, 7:19]
Cisco Security Advisory: Crafted IP Option Vulnerability
White Papers The vulnerability may be exploited after processing an Internet Control Message Protocol (ICMP) packet, Protocol Independent Multicast version 2 (PIMv2) packet, Pragmatic General Multicast (PGM) packet, or URL Rendezvous Directory (URD) packet...
[June 9, 2007, 1:00]
Microsoft silent over IP vulnerability claims
News The UK's National Infrastructure Security Co-ordination Centre (NISCC) published details of this denial-of-service vulnerability earlier this week that affects some routers, firewalls and voice-over-IP (VoIP) phones.
[April 15, 2005, 16:40]
Prevention of IP Spoofing in TCP/IP Connection: Vulnerability Ability and Probable Solutions - A Reverse Engineering Approach
White Papers This paper also discusses TCP attack "IP SPOOFING" and recommends steps to improve the security state of a TCP based system. In network environment the computer facilities are interconnected by using the Transmission Control Protocol - Internet...
[May 8, 2009, 3:31]
Microsoft Windows 98 Patch: IP Fragment Reassembly
Downloads This update resolves the "IP Fragment Reassembly" security vulnerability in Windows 98 and Windows 98 Second Edition. The vulnerability does not allow a malicious user to compromise data on the computer or usurp administrative control over it.
[May 19, 2000, 8:00]
Microsoft Windows 95 Patch: IP Fragment Reassembly
Downloads This update resolves the "IP Fragment Reassembly" security vulnerability in Windows 95. The vulnerability would not allow a malicious user to compromise data on the computer or usurp administrative control over it.
[May 19, 2000, 8:00]
CERT warns of key ISC vulnerability
News CERT has warned of a serious security vulnerability in ISC's DHCP (Dynamic Host Configuration Protocol) software, which is shipped with multiple operating systems including popular Linux and BSD variants.
[January 16, 2003, 8:48]
NISCC warns on Cisco IP phone flaw
News The flaw, which opens the IP phone service up to DoS attacks, was reported by the National Infrastructure Security Co-ordination Centre, the Government's cybersecurity group, in its warning, it gave the DNS protocol vulnerability, which also...
[May 25, 2005, 10:10]
Cisco sounds multiple security warnings
News The vulnerability was associated with Cisco IP phones running the DNS protocol. Cisco has issued a patch for the vulnerability, which can be found on its Web site. Cisco issued a software patch for the vulnerability when it was first reported.
[July 15, 2005, 9:40]
SIP flaw causes problems for Cisco
News HTTP-like ASCII presentations of the SIP messages may initially attract more script-kiddie level hostility (vulnerability assessment) than the rival protocols with complex encodings have attracted so far.
[March 10, 2003, 10:00]
The return of Code Red
News On June 18, 2001, Microsoft published a patch for the buffer overflow vulnerability in IIS file ldq.dll, which opened servers to this attack. Symantec reports that the backdoor planted by Code Red.F, Trojan.VirtualRoot, exploits a Windows 2000...
[March 24, 2003, 10:23]
Microsoft admits WINS flaw
News The vulnerability is in Windows Internet Name Service, or WINS, a network infrastructure component of server products such as Windows NT 4.0 Server, Windows 2000 Server and Windows Server 2003, Microsoft said on Tuesday.
[December 1, 2004, 7:35]
Flaw in O2 routers could lead to hijack
News O2 has confirmed that its home broadband routers are affected by a vulnerability that could allow intruders to take extensive control and steal the wireless password. O2 refused to comment on the details of the problem, but said in a statement on...
[September 3, 2009, 15:05]
HP: Hacking techniques help security
News For example, Code Red exploited a vulnerability in MS IIS Web service software — we would exploit the same vulnerability," said Brown. Each of the clients will be given a range of IP addresses to scan, and will move through the range scanning for...
[July 4, 2006, 17:25]
Microsoft releases critical patches
News There is no user interaction required to exploit the vulnerability," said Neel Mehta, team leader of advanced research for ISS' X-Force unit. With the vulnerability in the Exchange Server software for managing email, contact lists and calendars...
[April 13, 2005, 10:05]
Sans Institute warns of cookie-stealing threat
News According to Perry, who also publicised the vulnerability, CookieMonster is a man-in-the-middle attack that works by obtaining DNS responses and caching them. Perry first published details of the vulnerability a year ago on the Bugtraq mailing list.
[September 12, 2008, 15:50]
Microsoft offers $250k bounty for Downadup arrest
News The worm, which has been around since last year, spreads through a hole in Windows systems, exploiting a vulnerability that Microsoft patched in October. W32.Downadup is the first successful worm to target a vulnerability in a remote service since...
[February 13, 2009, 12:06]
Latest variant of Downadup worm circulating
News Previous versions of Downadup took action to prevent further exploitation of the vulnerability, Microsoft said in an advisory of its own. The worm, which has been around since last year, spreads through a hole in Windows systems, exploiting a...
[February 24, 2009, 8:48]
Downadup worm infects 3.5m PCs
News Downadup, which also goes by the name of Conficker, exploits a vulnerability outlined in MS08-067, a Windows Server service flaw that was patched in October. Graham Cluley, senior technology consultant at Sophos, told ZDNet UK on Thursday that...
[January 15, 2009, 13:20]
First security scare hits next-generation Internet
News A vulnerability discovered in some of Juniper Networks' routing software highlights that the next-generation Internet, known as Internet Protocol version 6, still has a ways to go before it will be ready for widespread adoption.
[July 5, 2004, 8:55]
