54 matches found
EUVD-2020-9421
Malware in sbrugna...
EUVD-2020-17115
Malware in sbrugna...
EUVD-2020-9420
Malware in sbrugna...
EUVD-2020-20140
Malware in sbrugna...
EUVD-2020-9422
Malware in sbrugna...
EUVD-2020-9419
Malware in sbrugna...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
CVE-2020-27633
CVE-2020-27633 affects FNET 4.6.3, where TCP Initial Sequence Numbers (ISNs) are generated with insufficient randomness, enabling potential spoofing or disruption of TCP connections. The vulnerability is caused by a predictable ISN generation in FNET’s TCP stack, with no explicit exploitation det...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
SUSE CVE-2020-17467
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in fnetllmnrpo...
SUSE CVE-2020-17468
An issue was discovered in FNET through 4.6.4. The code for processing the hop-by-hop header in the IPv6 extension headers doesn't check for a valid length of an extension header, and therefore an out-of-bounds read can occur in fnetip6extheaderhandleroptions in fnetip6.c, leading to...
SUSE CVE-2020-17470
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs they are always set to 1 in fnetdnspoll in fnetdns.c. This significantly simplifies DNS cache poisoning attacks...
SUSE CVE-2020-17469
An issue was discovered in FNET through 4.6.4. The code for IPv6 fragment reassembly tries to access a previous fragment starting from a network incoming fragment that still doesn't have a reference to the previous one which supposedly resides in the reassembly list. When faced with an incoming...
SUSE CVE-2020-24383
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service...
FNET TCP/IP Stack - HTTP Detection
Binary data fnettcpipstackhttpdetect.nbin...
PT-2021-2230 · Fnet · Fnet
Name of the Vulnerable Software and Affected Versions: FNET version 4.6.3 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers ISNs in the FNET protocol stack implementation. This could allow a remote attacker to gain unauthorized access to protected...
Multiple Embedded TCP/IP Stacks (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Multiple Equipment: Nut/Net, CycloneTCP, NDKTCPIP, FNET, uIP-Contiki-OS, uC/TCP-IP, uIP-Contiki-NG, uIP, picoTCP-NG, picoTCP, MPLAB Net, Nucleus NET, Nucleus ReadyStart Vulnerabilities: Use of...