EUVD-2020-9392

Malware in sbrugna...

Huawei EulerOS: Security Advisory for open-iscsi (EulerOS-SA-2023-2453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : open-iscsi (EulerOS-SA-2023-2478)

According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...

EulerOS Virtualization 2.10.1 : open-iscsi (EulerOS-SA-2023-2453)

According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...

EulerOS 2.0 SP10 : open-iscsi (EulerOS-SA-2023-1958)

According to the versions of the open-iscsi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is...

EulerOS Virtualization 2.9.1 : open-iscsi (EulerOS-SA-2021-1718)

According to the version of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails...

EulerOS Virtualization 2.9.0 : open-iscsi (EulerOS-SA-2021-1639)

According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...

CVE-2020-17440

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain...

CVE-2020-17440

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain...

CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...

CVE-2020-17439

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query wi...

CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...

CVE-2020-17439

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query wi...

Null pointer dereference

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...

Code injection

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...

Null pointer dereference

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain...

CVE-2020-17440

CVE-2020-17440 affects uIP 1.0 (and Contiki-OS/NG and related stacks) where DNS packet parsing does not verify that domain names are null-terminated, enabling memory corruption via crafted DNS responses. Root cause is improper null termination handling in resolv.c (newdata()/parse_name()). Impact...

CVE-2020-17440

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain...

CVE-2020-17439

CVE-2020-17439 affects uIP 1.0 (used in Contiki 3.0 and other products). The DNS client parses DNS replies without validating that replies match outgoing queries; DNS transaction IDs are insufficiently random and small DNS caches (4 entries) enable DNS cache poisoning. Connected sources confirm a...

CVE-2020-17438

CVE-2020-17438 affects uIP 1.0 (used in Contiki 3.0 and other products). The IP reassembly code fails to validate the total packet length and fragmentation offset, enabling crafted IP headers to write past the static buffer into the .bss area, causing a denial of service in uip_reass() and potent...