CVE-2006-1966

An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this issue has been disputed in followup posts that suggest that a protection feature is triggering a RST.

Publication date: Fri, 21 Apr 2006 15:02:00 +0000

Cyber News related to CVE-2006-1966

CVE-2006-1966 - An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this ...
6 years ago

CVE-2009-1967 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago

CVE-2009-1966 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago

CVE-2013-2115 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix ...
4 years ago

CVE-2014-1966 - The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. ...
3 years ago

CVE-2021-1966 - Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music ...
3 years ago

CVE-2007-1966 - Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. ...
16 years ago

CVE-2002-1966 - Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. ...
16 years ago PLATINUM

CVE-2005-1966 - The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. ...
8 years ago

CVE-2015-1966 - Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers ...
8 years ago

CVE-2004-1966 - Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) ...
7 years ago

CVE-2012-1966 - Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL. ...
7 years ago

CVE-2008-1966 - Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to ...
6 years ago

CVE-2013-1966 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. ...
5 years ago

CVE-2010-1966 - Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors. ...
5 years ago

CVE-2016-1966 - The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer ...
5 years ago

CVE-2011-1966 - The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query ...
4 years ago

CVE-2019-1966 - A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The ...
4 years ago

CVE-2018-14683 - PRTG before 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI. ...
3 years ago

CVE-2023-1966 - Instruments with Illumina Universal Copy Service v1.x and ...
1 year ago

CVE-2017-1966 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-42114 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago

CVE-2022-48956 - In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot ...
4 months ago Tenable.com

Evolution of AI Assistants: Navigating Breakthroughs in Software Development - This article will help you explore the history of AI's evolution from the first chatbot to smart virtual assistants capable of making their own decisions. Software developers started working on the first virtual assistants in the late 1960s. ELIZA. ...
1 year ago Hackread.com

Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
8 months ago Jdsupra.com

Latest Cyber News

Serbian police used Cellebrite zero-day hack to unlock Android phones - 41 minutes ago
Microsoft confirms it's killing off Skype in May, after 14 years - 1 hour ago
CVE-2024-53408 - 2 hours ago
CVE-2024-41338 - 2 hours ago
Chinese Hackers Exploiting Check Point's VPN Zero-Day Vulnerability - 3 hours ago
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 3 hours ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 4 hours ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 4 hours ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 4 hours ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 5 hours ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 5 hours ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 6 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 8 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 8 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 8 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 9 hours ago
18 Best Web Filtering Solutions - 2025 - 9 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 13 hours ago
Vo1d malware botnet grows to 1.6 million Android TVs worldwide - 18 hours ago
New Vo1d botnet variant infects 1.6 million Android TVs worldwide - 18 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Serbian police used Cellebrite zero-day hack to unlock Android phones - 41 minutes ago
Microsoft confirms it's killing off Skype in May, after 14 years - 1 hour ago
Chinese Hackers Exploiting Check Point's VPN Zero-Day Vulnerability - 3 hours ago
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 3 hours ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 4 hours ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 4 hours ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 4 hours ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 5 hours ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 5 hours ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 6 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 8 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 8 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 8 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 9 hours ago
18 Best Web Filtering Solutions - 2025 - 9 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 13 hours ago
CVE-2018-9994 - 1 year ago
CVE-2018-9329 - 1 year ago
CVE-2018-9324 - 1 year ago
CVE-2018-9323 - 1 year ago