63 matches found
CVE-2021-42144
Contiki-NG tinyDTLS (master branch commit 53a0d97) suffers a buffer over-read via crafted input to dtls_ccm_decrypt_message(), exposing sensitive data. Documented in CVE-2021-42144; no patch version or remediation detail provided in the connected sources. Exploit status not specified.
PT-2024-11023 · Unknown · Contiki-Ng Tinydtls
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS through master branch 53a0d97 Description: An assertion failure in the check certificate request function allows attackers to cause a denial of service. This issue affects Contiki-NG tinyDTLS, enabling attackers to exploit...
CVE-2021-42145
CVE-2021-42145 affects Contiki-NG tinyDTLS in the master branch (commit 53a0d97). An assertion failure in check_certificate_request() can cause a denial of service. Documented impact is a high-severity network-root cause (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, base score 7.5). Affected so...
PT-2024-11021 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS through master branch 53a0d97 Description: An issue exists in the handling of a ClientHello handshake message, where an infinite loop bug can be triggered by remote attackers sending a malformed message with an odd length ...
CVE-2021-42143
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length o...
PT-2024-11022 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS versions through master branch 53a0d97 Description: The issue allows attackers to obtain sensitive information via crafted input to the dtls ccm decrypt message function. Recommendations: For Contiki-NG tinyDTLS versions...
PT-2024-11024 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS through master branch 53a0d97 Description: An issue was discovered in DTLS servers, allowing remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347...
CVE-2021-42147
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2021-42146
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive...
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...
CVE-2021-42143
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length o...
CVE-2021-42146
Contiki-NG tinyDTLS (master branch 53a0d97) contains a DTLS server issue where an attacker can reuse the same epoch number within two times the TCP maximum segment lifetime (RFC6347). This allows remote access to sensitive application data of connected clients. Affected component: DTLS server in ...
CVE-2021-42147
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2021-42147
The CVE-2021-42147 entry concerns a buffer over-read in Contiki-NG tinyDTLS (dtls_sha256_update) affecting master branch 53a0d97, enabling a remote attacker to cause a denial of service via crafted data packets. Connected sources corroborate the issue in Contiki-NG tinyDTLS and describe the vulne...
CVE-2021-42142
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...
CVE-2021-42142
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...
Code injection
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...
CVE-2021-42142
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...
CVE-2021-42142
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...