Contiki-NG tinyDTLS Denial Of Service
2024-1-18 23:30:51 Author: packetstormsecurity.com(查看原文) 阅读量:5 收藏
2024-1-18 23:30:51 Author: packetstormsecurity.com(查看原文) 阅读量:5 收藏
About CVE-2021-42141:[Suggested description]
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_exchange, and Change_cipher_spec, which may cause denial of service.
[VulnerabilityType Other]
Improper Handling of exception conditions
[Vendor of Product]
https://github.com/contiki-ng/tinydtls
[Affected Product Code Base]
contiki-ng tinydtls - master branch 53a0d97
[Affected Component]
the service of dtls servers
[Attack Type]
Remote
[Impact Code execution]
true
[Impact Denial of Service]
true
[Impact Information Disclosure]
true
[Reference]
https://github.com/contiki-ng/tinydtls/issues/27
[Discoverer]
jerrytesting
文章来源: https://packetstormsecurity.com/files/176625/tinydtls-dos.txt
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh