2 matches found
CVE-2020-25928
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: DNS response processing functions: dnsupcall, getoffset, dncsetanswer. The attack vector is: a specific DNS response packet. The code does not che...
CVE-2020-25928
The CVE-2020-25928 issue is in HCC Embedded’s InterNiche/NicheStack DNS response processing. The vulnerability stems from not validating the length of DNS answer data, which can cause out-of-bounds reads/writes in dns_upcall(), getoffset(), and dnc_set_answer(). This can enable information leakag...