CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2020-35684

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller tha...

CVE-2020-35685

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing...

CVE-2021-27565

The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service infinite loop and networking outage via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbsloop debugger hook...

CVE-2020-35685

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing...

CVE-2020-35684

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller tha...

CVE-2021-27565

The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service infinite loop and networking outage via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbsloop debugger hook...

CVE-2020-35683

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computati...

CVE-2020-35683

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computati...

Design/Logic Flaw

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller tha...

Design/Logic Flaw

The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service infinite loop and networking outage via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbsloop debugger hook...

Design/Logic Flaw

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computati...

Code injection

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing...

Out-of-bounds

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2020-35685

CVE-2020-35685 affects HCC Nichestack/NicheStack up to versions preceding 4.3, where ISNs are generated from an insufficiently random source. This enables an attacker to potentially hijack existing TCP connections or spoof future ones, as ISN predictability undermines TCP security. The ICS/CISA a...

CVE-2020-35685

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing...

CVE-2020-35684

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller tha...

CVE-2020-35684

CVE-2020-35684 affects HCC Nichestack (InterNiche/NicheStack) TCP/IP stack. The issue is in the TCP checksum path where the code uses an unchecked IP payload size to compute the TCP payload length, which can cause an out-of-bounds read when the IP payload size is smaller than the IP header. This ...

CVE-2020-35683

An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computati...