FreeBSD -- ICMPv6 use-after-free in error message handling

Problem Description: When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing...

Exploit for CVE-2020-16898

PoC exploit for CVE-2020-16898, a Windows TCP/IP Remote Code Execution Vulnerability. The exploit targets the Windows TCP/IP stack and uses a specially crafted IPv6 packet to trigger a buffer overflow, leading to remote code execution. The exploit is implemented in Python using the Scapy library...

CVE-2020-16899

A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to send...

CVE-2020-16843

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on whi...

CVE-2020-16843

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on whi...

Design/Logic Flaw

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on whi...

CVE-2020-16843

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on whi...

CVE-2020-16843

CVE-2020-16843 affects Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2. The issue is in the network stack, which can freeze under heavy ingress traffic, leading to a denial of service on a microVM configured with a single network interface and an availability problem for that interface....

Treck/Kasago Network Stack Detection

Binary data treckdetect2.nbin...

Treck/Kasago Network Stack Detection With IP Option.

Binary data treckipopt7.nbin...

CVE-2020-11911

The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control...

CVE-2020-11897

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets...

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

Treck TCP/IP Stack Access Control Error Vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An access control error vulnerability exists in the Treck TCP/IP stack. The vulnerability arises from a network system or product that does not properl...

New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking

The Department of Homeland Security and CISA ICS-CERT today issued a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by many vendors across the globe. Dubbed "Ripple20 ," the set of 19...

Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability (cisco-sa-nxos-ipip-dos-kCT9X4)

According to its self-reported version, the Cisco NX-OS Software is affected by a denial of service vulnerability in the network stack due to the affected device unexpectedly decapsulating and processing IP in IP packets that are destined to a locally configured IP address. An unauthenticated,...

Severe Cisco DoS Flaw Can Cripple Nexus Switches

Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco’s Nexus-series Ethernet switches. If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists ACLs configured on affected Nexus...

Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass certain security boundaries or cause a denial of service DoS condition on an affected device. The vulnerability is due to the affected device unexpectedly decapsulating and...

CVE-2017-18868

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...

Input validation

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...