Posts Tagged ‘Denial of Service’


Four new vulnerabilities in Cisco products

Four Cisco security products are vulnerable to DDoS and XSS attacks. Four new vulnerabilities have been found in Cisco products.

Affected Products:

  • Nexus 9000 Series Switches (CVE-2015-0686 DDoS vulnerability)
  • Catalyst 4500 Series (CVE-2015-0687 DDoS vulnerability)
  • Aggregation Services Routers (CVE-2015-0688 DDoS vulnerability)
  • Wireless LAN Controller (CVE-2015-0690 XSS vulnerability)

(more…)

There are multiple vulnerabilities in IBM products: QRadar SIEM and Storwize V7000 Unified

#1. Multiple vulnerabilities in IBM QRadar SIEM

Danger: Low
Fix available: Yes
Number of vulnerabilities: 2
CVSSv2 Rating: (AV:A/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C) = Base: 4.3 / Temporal: 3.2
(AV:A/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C) = Base: 4.8 / Temporal: 3.5
CVE ID: CVE-2014-4824; CVE-2014-4826 (more…)

Vulnerability in FreeBSD

Cyber security news 2014: Denial of service in FreeBSD

A vulnerability has been revealed in all supported branches of FreeBSD

The flaw allows an attacker to reset the TCP connection by sending a specially crafted packet.

A vulnerability (CVE-2004-0230) has been discovered in all versions of the FreeBSD network operating system. The flaw allows an attacker to reset the TCP connection by sending a TCP packet that contains a bogus IP address. To carry out the attack, cybercriminals only needed to know the numbers of the active ports. (more…)

Cyber Security Notifications: New Vulnerabilities of September 2014

Security vulnerabilities related to NetBSD: descriptions of vulnerabilities related to this vendor's products, as of September 12, 2014.

This post presents and discloses newly found NetBSD security vulnerabilities affecting the local network.

#1 Denial of service in NetBSD

Danger: Low
Fix available: corrective instructions
Number of vulnerabilities: 4
CVSSv2 Rating: (AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:W/RC:C) = (more…)

Cyber Security Notifications: New Vulnerabilities of September 2014

New Microsoft vulnerabilities of September 10, 2014

  • Denial of service in the Microsoft Lync Server
  • Privilege escalation in the Microsoft Windows Task Manager
  • Denial of service in Microsoft .NET Framework
  • Multiple vulnerabilities in Microsoft Internet Explorer

(more…)

WordPress has gotten some negative publicity for being a target for hackers. While no site is totally impenetrable, quite a few computer hackers simply aim at easy targets.

Your WordPress site becomes an easy target when you neglect updates or use site management techniques that make your site inviting. Your home is not impenetrable, but you don’t go out and leave the doors unlocked or leave the windows open. Sure, someone can still break in when it is locked, but thieves are generally in a hurry and want an easy target.

The same goes for your website, so knowing the most common WordPress security mistakes will greatly decrease the odds of your site being hacked. (more…)

Cloud Hosting is a way of creating cost-effective, scalable and safe web architecture by configuring servers. For all its advantages, there are some concerns which are plaguing the extensive use of Cloud Hosting. One such issue is security. The security mentioned could be the security of data from hardware damage, but such security is enhanced in cloud hosting since the data is distributed. The real security issues are:

Data Breaches

A data breach refers to access to a client's data by someone other than the client. The magnitude of this threat was illustrated in a research paper by the CSA (Cloud Security Alliance), which showed how a multitenant server can be breached if the cloud service database is not designed properly. (more…)

Instead of running broad-spectrum attacks, many DDoS users are focusing on areas of weakness in the target network. This approach requires more finesse than …

From the earliest days of history, there have been people who develop ways to get past security and attract attention through vandalism. Graffiti, prank phone calls, and “gotcha” type TV shows are some of the more recent examples, but, with the advent of the Internet, a new form of vandalism has appeared: the Distributed Denial of Service (DDoS) attack.

What is Distributed Denial of Service?

First arising in the 1990s as a way to expel people from Internet chat rooms and the like, a DDoS attack is the digital equivalent of a sledgehammer; instead of introducing a virus or remotely controlling the target machine, a DDoS attempts to overwhelm the computer with an excess of data. This influx of random “nuisance” data renders the machine or network incapable of performing its regular functions. (more…)

Vulnerability: Vulnerabilities in Cisco Wireless LAN Controller

Danger level: High
Patch: Yes
Number of vulnerabilities: 3

CVE ID: CVE-2013-1102, CVE-2013-1103, CVE-2013-1105

Vector of operation: Remote
Impact: Denial of service, System compromise

Affected Products: Cisco Wireless LAN Controller (WLC) 7.x, Cisco 2500 Series Wireless Controllers, Cisco Wireless LAN Controller Module, Cisco 4400 Series Wireless LAN Controller, Cisco 2000 Series Wireless LAN Controller, Cisco 2100 Series Wireless LAN Controller. (more…)

Vulnerability: Vulnerabilities in IBM WebSphere DataPower XC10

Danger: Low
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-5756, CVE-2012-5758, CVE-2012-5759
Vector of operation: LAN
Impact: Denial of service, Security bypass

Affected Products: IBM WebSphere DataPower XC10 2.x

Affected versions: WebSphere DataPower XC10 2.0.0.0 – 2.0.0.3, WebSphere DataPower XC10 2.1.0.0 – 2.1.0.2

Description:

Vulnerabilities which can be exploited by malicious people to carry out a DoS attack.

1. The vulnerability is due to a certain functional control interface being available without prior authentication. A remote user can disable certain features. (more…)