A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
References
Link | Resource |
---|---|
https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | Exploit Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
07 Nov 2023, 02:30
Type | Values Removed | Values Added |
---|---|---|
Summary | A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer |
05 Apr 2022, 17:24
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
First Time |
Siemens sgt-100
Siemens sgt-a65 Firmware Siemens Siemens sgt-100 Firmware Siemens sgt-a65 Siemens sgt-a20 Siemens sgt-a20 Firmware Siemens sgt-300 Siemens sgt-400 Siemens sgt-200 Firmware Siemens sgt-300 Firmware Siemens sgt-a35 Siemens sgt-a35 Firmware Siemens sgt-400 Firmware Siemens sgt-200 |
|
CPE | cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:* |
19 Mar 2021, 18:47
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-787 | |
CPE | cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:* | |
References | (MISC) https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ - Exploit, Third Party Advisory |
11 Mar 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-11 22:15
Updated : 2024-04-11 00:55
NVD link : CVE-2016-20009
Mitre link : CVE-2016-20009
CVE.ORG link : CVE-2016-20009
JSON object : View
Products Affected
windriver
- vxworks
siemens
- sgt-a35
- sgt-a65_firmware
- sgt-a65
- sgt-a20_firmware
- sgt-100_firmware
- sgt-400
- sgt-200_firmware
- sgt-200
- sgt-400_firmware
- sgt-a20
- sgt-a35_firmware
- sgt-300_firmware
- sgt-100
- sgt-300
CWE
CWE-787
Out-of-bounds Write