Home Tags Transmission Control Protocol (TCP)

Tag: Transmission Control Protocol (TCP)

Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers (ASR), Cisco 4400 Series Integrated Services Routers (ISR), and Cisco Cloud Services Routers (CSR) 1000v Series contains the following vulnerabilities: Cisco IOS XE S...
In October 2017, we learned of a vulnerability in Telegram Messengerrsquo;s Windows client that was being exploited in the wild.
It involves the use of a classic right-to-left override attack when a user sends files over the messenger service.
A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protect...
Auto-pwn code glues device search engine Shodan to Metasploit weapons cache Python code has emerged that automatically searches for vulnerable devices online using Shodan.io – and then uses Metasploit's database of exploits to potentially hijack the co...
Even some devices with patches available are connected to the naked Internet.

Jack of all trades

Among this array of threats we found a rather interesting sample – Trojan.AndroidOS.Loapi.

This Trojan boasts a complicated modular architecture that means it can conduct a variety of malicious activities: mine cryptocurrencies, annoy users with constant ads, launch DDoS attacks from the affected device and much more.
4A vulnerability in the TCP stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper processing of certain TCP packets in the closing sequence ...
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in anbsp;denial of service (DoS...
Wi-Fi Protected Access(WPA,more commonly WPA2)handshake traffic can be manipulated to induce nonce and session key reuse,resulting in key reinstallation by a wireless access point(AP)or client.

An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used.

Attacks may include arbitrary packet decryption and injection,TCP connection hijacking,HTTP content injection,or the replay of unicast and group-addressed frames.

These vulnerabilities are referred to as Key Reinstallation Attacks orKRACKattacks.