Products > Security

INFRA:HALT - vulnerabilities in NicheStack (TCP/IP stack)

(1/1)

madires:
14 critical vulnerabilities found in NicheStack (TCP/IP stack) and 200+ vendors effected, a lot of PLCs.
https://www.forescout.com/research-labs/infra-halt/

NiHaoMike:
Yet another example of security through obscurity failing in the long run.

mrflibble:

--- Quote from: madires on August 04, 2021, 12:12:59 pm ---14 critical vulnerabilities found in NicheStack (TCP/IP stack) and 200+ vendors effected, a lot of PLCs.
https://www.forescout.com/research-labs/infra-halt/

--- End quote ---
Just for the fun of it gave the research report a quick scan. Buffer overflow and lack of input validation is still pretty popular, tsk tsk. At least this one is a bit more amusing: "Whenever an unknown HTTP request is received, a panic is invoked."

Reminds me of Novell servers in the previous millennium, where you could crash the entire server by a simple telnet to port 25.

Navigation

[0] Message Index

There was an error while thanking
Thanking...
Go to full version