2 matches found
CVE-2020-25110
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service, and possibly Remote Code Execution...
CVE-2020-25110
CVE-2020-25110 is part of the AMNESIA:33 set affecting the Nut/Net DNS processing in Nut/OS components. The SUSE and CERT-derived documents describe a memory-corruption vulnerability caused by not validating the DNS data length when parsing DNS questions/responses, enabling denial-of-service and ...