Lucene search
K

22 matches found

CISA
CISA
added 2021/04/15 12:0 a.m.14 views

NAME:WRECK DNS Vulnerabilities

Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...

6.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/04/13 9:3 p.m.309 views

How the NAME:WRECK Bugs Impact Consumers, Businesses

Researchers estimate more than 100 million internet-connected devices are vulnerable to a class of flaws dubbed NAME:WRECK. Devices ranging from smartphones, aircraft navigation systems and industrial internet of things IIoT endpoints are vulnerable to either a denial-of-service DoS or remote...

7.5CVSS0.4AI score0.07194EPSS
Exploits2References7
Malwarebytes
Malwarebytes
added 2021/04/13 2:52 p.m.14 views

NAME:WRECK, a potential IoT trainwreck

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Potentially this could impact hundreds of millions of servers, smart devices, and industrial equipment. The researchers that discovered the vulnerabilities have named them NAME:WRECK. Plural...

1.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/13 12:24 p.m.239 views

New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices

Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed "NAME:WRECK" by Forescout and JSOF, the flaws are the latest ...

0.2AI score
Exploits0
ICS
ICS
added 2021/02/11 12:0 a.m.125 views

Multiple Embedded TCP/IP Stacks (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Multiple Equipment: Nut/Net, CycloneTCP, NDKTCPIP, FNET, uIP-Contiki-OS, uC/TCP-IP, uIP-Contiki-NG, uIP, picoTCP-NG, picoTCP, MPLAB Net, Nucleus NET, Nucleus ReadyStart Vulnerabilities: Use of...

9.8CVSS8.4AI score0.01716EPSS
Exploits1References5
SonicWall
SonicWall
added 2021/01/06 9:25 p.m.4 views

Amnesia 33 vulnerabilities

Amnesia 33 vulnerabilities impacts four open source TCP/IP stacks uIP, FNET, picoTCP and Nut/Net libraries which are used in millions of smart IOT and embedded devices. These four open source TCP/IP stacks libraries are not used in the SonicWall firewall products. CVE: N/A Last updated: Jan. 6,...

9.8CVSS7.3AI score
Exploits0
ICS
ICS
added 2020/12/08 12:0 a.m.126 views

Multiple Embedded TCP/IP Stacks

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Multiple open source Equipment: uIP-Contiki-OS, uIP-Contiki-NG, uIP, open-iscsi, picoTCP-NG, picoTCP, FNET, Nut/Net Vulnerabilities: Infinite Loop, Integer Wraparound, Out-of-bounds Read, Integer...

9.8CVSS9AI score0.1854EPSS
Exploits0References5
NCSC
NCSC
added 2020/12/08 12:0 a.m.7 views

Vulnerabilities in multiple TCP/IP stacks

Researchers at Forescout Research Labs have found 33 vulnerabilities found in four open source TCP/IP stacks. In the research called AMNESIA:33, four vulnerabilities are identified as critical. The highest assigned CVSS score is 9.8. The vulnerabilities allow a malicious party to carry out attack...

9.8CVSS7.5AI score0.58695EPSS
Exploits0
CERT
CERT
added 2020/12/08 12:0 a.m.164 views

Embedded TCP/IP stacks have memory corruption vulnerabilities

Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things IoT and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU96491057 as well as the name AMNESIA:33...

9.8CVSS8.5AI score0.52259EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (3)

No description provided by source. source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a loopback condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.41 views

FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (1)

No description provided by source. source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a loopback condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

FreeBSD 2.x,HP-UX 9/10/11,kernel 2.0.3,Windows NT 4.0/Server 2003,NetBSD 1 loopback (land.c) DoS (5)

No description provided by source. source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a loopback condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Windows 95/98,Windows NT Enterprise Server <= 4.0 SP5,Windows NT Terminal Server <= 4.0 SP4,Windows NT Workstation <= 4.0 SP5 (2)

No description provided by source. source: http://www.securityfocus.com/bid/514/info The Windows 98 and Windows 2000 TCP/IP stacks were not built to reliably tolerate malformed IGMP headers. When one is received, the stack will sometimes fail with unpredictable results ranging from a Blue Screen ...

7.1AI score
Exploits0
CVE
CVE
added 2004/09/01 4:0 a.m.65 views

CVE-1999-1201

CVE-1999-1201 affects Windows 95/98 when multiple TCP/IP stacks are bound to the same MAC address. The condition allows a remote attacker to trigger traffic amplification by sending a particular ICMP echo, causing all stacks to reply to the same ping (TCP Chorusing). The vulnerability is document...

5CVSS6.7AI score0.13903EPSS
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2004/07/21 12:0 a.m.43 views

[Full-Disclosure] Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities Revision 1.0 For Public Release 2004 July 21 at 1600 UTC GMT ----------------------------------------------------------------------...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2000/12/19 5:0 a.m.28 views

CVE-2000-1039

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities...

6.8AI score0.45833EPSS
Exploits2References5
CVE
CVE
added 2000/12/19 5:0 a.m.86 views

CVE-2000-1039

CVE-2000-1039 (Naptha) describes DoS in various TCP/IP stacks and network apps where remote attackers flood a target with TCP connection attempts and complete the TCP handshake without maintaining state, exhausting resources and causing partial availability impact. Connected documents confirm the...

5CVSS6.8AI score0.45833EPSS
Exploits2References5Affected Software5
Tenable Nessus
Tenable Nessus
added 1999/10/31 12:0 a.m.32 views

TCP/IP 'Chorusing' Windows DoS

Microsoft Windows 95 and 98 clients have the ability to bind multiple TCP/IP stacks on the same MAC address, simply by having the protocol added more than once in the Network Control panel. The remote host has several TCP/IP stacks with the same IP bound on the same MAC address. As a result, it...

5CVSS5.6AI score0.13903EPSS
Exploits0References1
exploitpack
exploitpack
added 1999/07/03 12:0 a.m.15 views

Microsoft Windows 9598 NT Enterprise Server 4.0 SP5 NT Terminal Server 4.0 SP4 NT Workstation 4.0 SP5 - Denial of Service (2)

Microsoft Windows 9598 NT Enterprise Server 4.0 SP5 NT Terminal Server 4.0 SP4 NT Workstation 4.0 SP5 - Denial of Service 2 // source: https://www.securityfocus.com/bid/514/info The Windows 98 and Windows 2000 TCP/IP stacks were not built to reliably tolerate malformed IGMP headers. When one is...

7.3AI score
Exploits0
NVD
NVD
added 1999/02/06 5:0 a.m.18 views

CVE-1999-1201

Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service traffic amplification via a certain ICMP echo ping packet, which causes all stacks to send a ping response, aka TCP Chorusing...

5CVSS6.7AI score0.13903EPSS
Exploits0References3
Rows per page
Query Builder