CVE-2021-42142

The CVE-2021-42142 issue affects Contiki-NG tinyDTLS (master branch 53a0d97). The vulnerability arises from the DTLS server mishandling the early use of a large epoch number, enabling remote attackers to cause a denial of service and false-positive packet drops. Affected software is Contiki-NG ti...

PT-2024-11020 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS through master branch 53a0d97 Description: An issue in DTLS servers allows remote attackers to cause a denial of service and false-positive packet drops due to the mishandling of the early use of a large epoch number...

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

Design/Logic Flaw

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

PT-2024-11019 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS versions through 2018-08-30 Description: An issue was discovered where one incorrect handshake could complete with different epoch numbers in the packets Client Hello, Client key exchange, and Change cipher spec, which may...

CVE-2021-42141

CVE-2021-42141 affects Contiki-NG tinyDTLS up to and including 2018-08-30. The issue is an incorrect handshake that may complete with different epoch numbers across Client_Hello, Client_key_exchange, and Change_cipher_spec, potentially causing denial of service. Public references indicate high-se...

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a mishandling of oversized packets in dtlsccmdecryptmessage can lead to...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and earlier versions that stems from the fact that an incorrect handshake may be accomplished using different...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a failed assertion in checkcertificaterequest that can cause the server t...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a buffer over-read in the dtlssha256update function...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from an infinite loop error during processing of ClientHello handshake message...

The vulnerability of the Eclipse TinyDTLS library, related to errors in the code for generating pseudo-random numbers, allows a hacker to disclose the protected information.

The vulnerability of the Eclipse TinyDTLS library is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

Eclipse TinyDTLS encryption issue vulnerability

Eclipse TinyDTLS is a library for Datagram Transport Layer Security DTLS.Eclipse TinyDTLS is vulnerable to an encryption issue that could be exploited by an attacker to compute a key to decrypt DTLS communications...

CVE-2021-34430

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...

CVE-2021-34430

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...

Open redirect

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...

CVE-2021-34430

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...

CVE-2021-34430

The CVE-2021-34430 entry concerns the Eclipse TinyDTLS library. Affected component: TinyDTLS up to version 0.9-rc1. Root cause: reliance on the C library’s rand function, which enables remote attackers to compute the DTLS master key and decrypt traffic. Impact: confidentiality of DTLS communicati...