exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files from jerrytesting

First Active2024-01-18
Last Active2024-01-18
Contiki-NG tinyDTLS Buffer Over-Read / Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. A buffer over-read exists in the dtls_sha256_update function. This bug allows remote attackers to cause a denial of service (crash) and possibly read sensitive information by sending a malformed packet with an over-large fragment length field, due to servers incorrectly handling malformed packets.

tags | advisory, remote, denial of service
advisories | CVE-2021-42147
SHA-256 | cbd23d5e5c03a89b7797b1140a3998118f6627b3823c690bdae65a977b7770e9
Contiki-NG tinyDTLS Epoch Number Reuse
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients).

tags | advisory, remote, tcp
advisories | CVE-2021-42146
SHA-256 | db8a0bf96f7883a8a21b7027f42157c985e59fe2bbc26de4705dacefa635eccf
Contiki-NG tinyDTLS check_certificate_request() Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. An assertion failure in check_certificate_request() causes the server to exit unexpectedly, resulting in a denial of service.

tags | advisory, denial of service
advisories | CVE-2021-42145
SHA-256 | 860a30d6b1aa58e5dc58161f2acf23b5acba868a0821683f71b804cf74409a1c
Contiki-NG tinyDTLS dtls_ccm_decrypt_message() Buffer Overread
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. Incorrect handling of over-large packets in dtls_ccm_decrypt_message() causes a buffer over-read that can expose sensitive information.

tags | advisory
advisories | CVE-2021-42144
SHA-256 | fcd7f90fba43be1f60b391164b0ba2a0e19f793b3291f3ea45d6c373dadd81b8
Contiki-NG tinyDTLS Buffer Over-Read / Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of cipher suites, which triggers an infinite loop (consuming all resources) and a buffer over-read that can disclose sensitive information.

tags | advisory, remote, denial of service
advisories | CVE-2021-42143
SHA-256 | 846b82fbb5e4c16ada129d3f8122d5e00f7c07ffd7830416cb4698d8fd258206
Contiki-NG tinyDTLS Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops.

tags | advisory, remote, denial of service
advisories | CVE-2021-42142
SHA-256 | e1244689736de9338e92f0ce31592afd33da836f554ad8dfaf50a9775596ca5b
Contiki-NG tinyDTLS Denial Of Service
Posted Jan 18, 2024
Authored by jerrytesting

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_exchange, and Change_cipher_spec, which may cause denial of service.

tags | advisory, denial of service
advisories | CVE-2021-42141
SHA-256 | d23467a0c344b00cea5d67a8d7ebffd0d3109291ffebc872fa9a3524ff53213a
Redis Raft ODR Violation
Posted Jan 18, 2024
Authored by jerrytesting

Redis raft versions master-1b8bd86 to master-7b46079 were discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c.

tags | advisory
SHA-256 | 586772289785921cd60806511eb653c014c7a2c3992c9b9729e80b45a626043f
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close