This content is viewable by Everyone

33 vulnerabilities, known as AMNESIA:33, affecting multiple embedded open-source Transmission Control Protocol/Internet Protocol (TCP/IP) stacks

WHAT HAPPENED?

The CERT Coordination Center (CERT/CC) has released information on 33 vulnerabilities, known as AMNESIA:33, affecting multiple embedded open-source Transmission Control Protocol/Internet Protocol (TCP/IP) stacks.

Advanced Users: For a complete description of the security enhancements and affected software refer to:

AFFECTED SYSTEMS:

  • uIP-Contiki-OS (end-of-life [EOL]), Version 3.0 and prior
  • uIP-Contiki-NG, Version 4.5 and prior
  • uIP (EOL), Version 1.0 and prior
  • open-iscsi, Version 2.1.12 and prior
  • picoTCP-NG, Version 1.7.0 and prior
  • picoTCP (EOL), Version 1.7.0 and prior
  • FNET, Version 4.6.3
  • Nut/Net, Version 5.1 and prior

WHAT'S THE PROBLEM?

Some of these vulnerabilities, if exploited, could allow an attacker to take control of the affected system.

RELATED LINKS