Products > Security
INFRA:HALT - vulnerabilities in NicheStack (TCP/IP stack)
(1/1)
madires:
14 critical vulnerabilities found in NicheStack (TCP/IP stack) and 200+ vendors effected, a lot of PLCs.
https://www.forescout.com/research-labs/infra-halt/
NiHaoMike:
Yet another example of security through obscurity failing in the long run.
mrflibble:
--- Quote from: madires on August 04, 2021, 12:12:59 pm ---14 critical vulnerabilities found in NicheStack (TCP/IP stack) and 200+ vendors effected, a lot of PLCs.
https://www.forescout.com/research-labs/infra-halt/
--- End quote ---
Just for the fun of it gave the research report a quick scan. Buffer overflow and lack of input validation is still pretty popular, tsk tsk. At least this one is a bit more amusing: "Whenever an unknown HTTP request is received, a panic is invoked."
Reminds me of Novell servers in the previous millennium, where you could crash the entire server by a simple telnet to port 25.
Navigation
[0] Message Index
Go to full version