Lucene search
K

129 matches found

OSV
OSV
added 2020/12/11 10:15 p.m.4 views

CVE-2020-13986

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

7.5CVSS7.1AI score0.03014EPSS
Exploits0References2
NVD
NVD
added 2020/12/11 10:15 p.m.29 views

CVE-2020-13984

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...

7.5CVSS8AI score0.01678EPSS
Exploits0References2
Prion
Prion
added 2020/12/11 10:15 p.m.14 views

Code injection

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

5CVSS8.6AI score0.03014EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/12/11 10:15 p.m.21 views

Code injection

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...

5CVSS8.5AI score0.01678EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/12/11 9:36 p.m.30 views

CVE-2020-13986

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

8AI score0.03014EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/12/11 9:35 p.m.22 views

CVE-2020-13985

An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

8.2AI score0.04812EPSS
Exploits0References2
CVE
CVE
added 2020/12/11 9:35 p.m.66 views

CVE-2020-13985

CVE-2020-13985 (AMNESIA:33) targets Contiki/Contiki-NG uIP stack: memory corruption via improper handling of IPv6 RPL extension headers in rpl_remove_header. Affected stack variants include Contiki 3.0 and prior, uIP-based implementations, and related TCP/IP stacks (e.g., picoTCP/N G, FNET, Nut/N...

7.5CVSS8.1AI score0.04812EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/12/11 12:0 a.m.9 views

PT-2020-15010 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue was discovered in the code for processing the hop-by-hop header in the IPv6 extension headers. The code does not check for a valid length of an extension header, which can lead to an...

7.5CVSS7.4AI score0.02956EPSS
Exploits0References11
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.10 views

FNET Buffer Error Vulnerability

FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from a function that handles IPv6 hop-by-hop extension headers not checking the validity of their option lengths, allowin...

7.5CVSS7.3AI score0.02956EPSS
Exploits0References7
OSV
OSV
added 2019/06/14 5:29 p.m.5 views

CVE-2018-6350

An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android prior to 2.18.276, WhatsApp Business for Android prior to 2.18.99, WhatsApp for iOS prior to 2.18.100.6, WhatsApp Business for iOS prior to 2.18.100.2, and...

9.8CVSS5.8AI score0.01693EPSS
Exploits0References2
Prion
Prion
added 2019/01/15 9:29 p.m.18 views

Code injection

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...

5CVSS5.4AI score0.01155EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/01/15 9:29 p.m.22 views

CVE-2019-0005

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...

5.3CVSS5.4AI score0.01155EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/15 9:0 p.m.25 views

CVE-2019-0005

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...

5.4AI score0.01155EPSS
Exploits0References2
OSV
OSV
added 2017/10/05 7:29 a.m.2 views

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...

8.6CVSS5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/06/19 12:0 a.m.14 views

Cisco IOS XR Software Crafted IPv6 Packet DoS (cisco-sa-20150611-iosxr)

The remote Cisco IOS XR device is affected by a denial of service vulnerability due to improper processing of IPv6 packets carrying extension headers that are otherwise valid but are unlikely to occur during normal operation. A remote attacker, using a specially crafted packet, can cause a reload...

7.8CVSS5.5AI score0.02194EPSS
Exploits0References2
NVD
NVD
added 2015/06/12 2:59 p.m.14 views

CVE-2015-0769

Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...

7.8CVSS6.6AI score0.02194EPSS
Exploits0References2
Prion
Prion
added 2015/06/12 2:59 p.m.11 views

Code injection

Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...

7.8CVSS7.2AI score0.02194EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2015/06/12 10:0 a.m.9 views

Cisco Patches IPv6 Vulnerability in Carrier Routers

Cisco said on Thursday it has patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers. The vulnerability, Cisco said, rests in the IPv6 processing code used by IOS XR in the Cisco CRS-3 Carrier Routing System. The bug is remotely exploitable and is due to...

1.3AI score
Exploits0References2
Cisco
Cisco
added 2015/06/11 4:10 p.m.28 views

Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability

A vulnerability in the IP version 6 IPv6 processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit NPU and a reload of the line card processing an IPv6 packet. The...

5CVSS6.2AI score0.02194EPSS
Exploits0References1
CISA
CISA
added 2015/06/11 12:0 a.m.14 views

Cisco IOS XR Denial-of-Service Vulnerability

Cisco has identified a vulnerability that could allow an unauthenticated remote attacker to cause a denial-of-service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. A Cisco Carrier Routing System 3 CRS-3 running a version of Cisco...

6.9AI score
Exploits0References1
Rows per page
Query Builder