129 matches found
CVE-2020-13986
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...
CVE-2020-13984
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...
Code injection
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...
Code injection
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in exthdroptionsprocess in net/ipv6/uip6.c...
CVE-2020-13986
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...
CVE-2020-13985
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...
CVE-2020-13985
CVE-2020-13985 (AMNESIA:33) targets Contiki/Contiki-NG uIP stack: memory corruption via improper handling of IPv6 RPL extension headers in rpl_remove_header. Affected stack variants include Contiki 3.0 and prior, uIP-based implementations, and related TCP/IP stacks (e.g., picoTCP/N G, FNET, Nut/N...
PT-2020-15010 · Fnet · Fnet
Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue was discovered in the code for processing the hop-by-hop header in the IPv6 extension headers. The code does not check for a valid length of an extension header, which can lead to an...
FNET Buffer Error Vulnerability
FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from a function that handles IPv6 hop-by-hop extension headers not checking the validity of their option lengths, allowin...
CVE-2018-6350
An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android prior to 2.18.276, WhatsApp Business for Android prior to 2.18.99, WhatsApp for iOS prior to 2.18.100.6, WhatsApp Business for iOS prior to 2.18.100.2, and...
Code injection
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...
CVE-2019-0005
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...
CVE-2019-0005
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...
CVE-2017-12244
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...
Cisco IOS XR Software Crafted IPv6 Packet DoS (cisco-sa-20150611-iosxr)
The remote Cisco IOS XR device is affected by a denial of service vulnerability due to improper processing of IPv6 packets carrying extension headers that are otherwise valid but are unlikely to occur during normal operation. A remote attacker, using a specially crafted packet, can cause a reload...
CVE-2015-0769
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...
Code injection
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service NPU ASIC scan and line-card reload via crafted IPv6 extension headers, aka Bug ID CSCtx03546...
Cisco Patches IPv6 Vulnerability in Carrier Routers
Cisco said on Thursday it has patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers. The vulnerability, Cisco said, rests in the IPv6 processing code used by IOS XR in the Cisco CRS-3 Carrier Routing System. The bug is remotely exploitable and is due to...
Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability
A vulnerability in the IP version 6 IPv6 processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit NPU and a reload of the line card processing an IPv6 packet. The...
Cisco IOS XR Denial-of-Service Vulnerability
Cisco has identified a vulnerability that could allow an unauthenticated remote attacker to cause a denial-of-service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. A Cisco Carrier Routing System 3 CRS-3 running a version of Cisco...