EUVD-2018-8335

Malware in sbrugna...

EUVD-2018-8409

Malware in sbrugna...

EUVD-2018-8333

Malware in sbrugna...

EUVD-2018-8332

Malware in sbrugna...

EUVD-2018-8410

Malware in sbrugna...

EUVD-2018-8406

Malware in sbrugna...

EUVD-2018-8408

Malware in sbrugna...

EUVD-2018-8336

Malware in sbrugna...

CVE-2018-16601

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly...

CVE-2018-16603

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an...

CVE-2018-16602

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosu...

CVE-2018-16603

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an...

CVE-2018-16602

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosu...

CVE-2018-16600

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure...

CVE-2018-16523

Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions...

CVE-2018-16600

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure...

CVE-2018-16599

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure...

CVE-2018-16527

Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket...

Cross site request forgery (csrf)

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a...

Remote code execution

An issue was discovered in Amazon Web Services AWS FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 with FreeRTOS+TCP, and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly...