CVE-2020-11897 - The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packet

CVE-2020-11897

Summary

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.

References

Vulnerable Configurations

cpe:2.3:a:treck:tcp\/ip:4.7.1.27:*:*:*:*:*:*:*
cpe:2.3:a:treck:tcp\/ip:4.7.1.27:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

cert-vn	VU#257161
cisco	20200617 Multiple Vulnerabilities in Treck IP Stack Affecting Cisco Products: June 2020
confirm	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt
misc	https://jsof-tech.com/vulnerability-disclosure-policy/ https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities https://www.jsof-tech.com/ripple20/ https://www.kb.cert.org/vuls/id/257161/ https://www.treck.com

Last major update

22-07-2020 - 00:15

Published

17-06-2020 - 11:15

Last modified

22-07-2020 - 00:15