
CVE-2018-7039
https://notcve.org/view.php?id=CVE-2018-7039
14 Feb 2018 — CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information. • https://github.com/cn-uofbasel/ccn-lite/issues/191 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2018-6953
https://notcve.org/view.php?id=CVE-2018-6953
13 Feb 2018 — In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses. • https://github.com/cn-uofbasel/ccn-lite/issues/195 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2018-6948
https://notcve.org/view.php?id=CVE-2018-6948
13 Feb 2018 — In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters are written to the buffer (e.g., the "NFN" and "R2C" tags). Therefore, sending an NFN-R2C packet with a prefix of size CCNL_MAX_PREFIX_SIZE can cause an overflow of buf inside ccnl_prefix_to_str_detailed. • https://github.com/cn-uofbasel/ccn-lite/issues/193 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2018-6480
https://notcve.org/view.php?id=CVE-2018-6480
31 Jan 2018 — A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). ccnl_fwd_handleInterest assumes that the union member s is of type ccnl_pktdetail_ndntlv_s. However, if the type is in fact struct ccnl_pktdetail_ccntlv_s or struct ccnl_pktdetail_iottlv_s, the memory at that point is either uninitialised or points to data that is not a nonce, which renders the code using the local variable nonce poin... • https://github.com/cn-uofbasel/ccn-lite/issues/159 • CWE-704: Incorrect Type Conversion or Cast •