all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Contiki-NG tinyDTLS Buffer Over-Read / Denial Of Service

Add to bookmarks
Jan. 18, 2024, 3:34 p.m. |

Packet Storm packetstormsecurity.com

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of cipher suites, which triggers an infinite loop (consuming all resources) and a buffer over-read that can disclose sensitive information.

attackers buffer bug cipher denial of service handling handshake issue length loop malformed message service

Visit resource

More from packetstormsecurity.com / Packet Storm

Ubuntu Security Notice USN-6757-2 1 day, 4 hours ago | packetstormsecurity.com
arbitrary code attacker code crash +16
Ubuntu Security Notice USN-6762-1 1 day, 4 hours ago | packetstormsecurity.com
arbitrary code attacker attackers code +15
SOPlanning 1.52.00 SQL Injection 1 day, 4 hours ago | packetstormsecurity.com
injection php projects sql +5
SOPlanning 1.52.00 Cross Site Request Forgery 1 day, 4 hours ago | packetstormsecurity.com
forgery php request version +2
SOPlanning 1.52.00 Cross Site Scripting 1 day, 5 hours ago | packetstormsecurity.com
cross site scripting php scripting version +2
Red Hat Security Advisory 2024-2679-03 1 day, 5 hours ago | packetstormsecurity.com
advisory enterprise free linux +7
Red Hat Security Advisory 2024-2674-03 1 day, 5 hours ago | packetstormsecurity.com
advisory enterprise kernel linux +5
Red Hat Security Advisory 2024-2071-03 1 day, 5 hours ago | packetstormsecurity.com
advisory bugs container fix +10
Red Hat Security Advisory 2024-2068-03 1 day, 5 hours ago | packetstormsecurity.com
advisory bugs container denial of service +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs