The nine vulnerabilities affecting four popular TCP/
IP stacks (FreeBSD, Nucleus NET, IPnet and NetX) were revealed this week by researchers at Forescout in San Jose, Calif., and JSOF Research in Israel.
Collectively the vulnerabilities are called Name:Wreck, which refers to how the parsing of domain names can break – “wreck” – DNS implementations in TCP/IP stacks, leading to denial of service or remote code execution attacks.
TCP/IP stacks are the communications protocols used for organizing data transmissions from devices across the internet. A number of companies make stacks for their own or other products.
“These vulnerabilities relate to Domain Name System (DNS) implementations, causing either denial of service (DoS) or remote code execution (RCE), allowing attackers to take target devices offline or to take control over them,” the researchers reported. “The widespread use of these stacks and often external exposure of vulnerable DNS clients lead to a dramatica
Plus: SentinelOne picks up Scalyr, fatal flaws in TCP, and a view on Supermicro Share
Copy
In brief Internet Security Research Group nonprofit Let s Encrypt has massively upgraded its certification hardware and software so that it can delete and reissue all its certs in less than 24 hours.
Last April the certificate authority was forced to kill three million HTTPS certs after a bug was found in its automated certificate management environment, about 2.6 per cent of its 150 million live certificate base. That caused some head-scratching. What if that bug had affected all of our certificates? That s more than 150 million certificates covering more than 240 million domains, said Let s Encrypt exec director Josh Aas. What if it had also been a more serious bug, requiring us to revoke and replace all certificates within 24 hours? That s the kind of worst case scenario we need to be prepared for.
In total, 11 stacks were analyzed: uIP, FNET, picoTCP, Nut/Net, lwIP, cycloneTCP, uC/TCP-IP, MPLAB Net, TI-NDKTCPIP, Nanostack, and Nucleus NET. Millions of devices, including everything from IT file servers to IoT embedded components, use uIP, FNET, picoTCP and Nut/Net. Researchers found improperly generated ISNs in nine of the 11 stacks analyzed.
Researchers said they disclosed the vulnerabilities to the affected vendors and maintainers in October 2020.
“Most vendors have already issued patches and/or mitigation recommendations to users. The developers of Nut/Net are working on a solution, and Forescout has not received a response from the uIP developers,” the report added.
Nach Amnesia:33 : Forscherteam warnt vor neun weiteren Lücken in TCP/IP-Stacks heise.de - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from heise.de Daily Mail and Mail on Sunday newspapers.