Vulnerabilites related to siemens - sgt-300
var-202103-0365
Vulnerability from variot
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wind River VxWorks Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Wind River VxWorks is an operating system of Wind River Company in the United States. The industry-leading real-time operating system for building embedded devices and systems. Remote attackers can use this vulnerability to submit special requests, causing the application to crash or execute arbitrary code in the application context
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0365", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "vxworks", scope: "gte", trust: 1, vendor: "windriver", version: "6.5", }, { model: "sgt-200", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-300", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-400", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vxworks", scope: "lte", trust: 1, vendor: "windriver", version: "7.0", }, { model: "sgt-a20", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-a35", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-a65", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sgt-100", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: "6.5 to 7", }, { model: "vxworks", scope: "eq", trust: 0.8, vendor: "ウインドリバー株式会社", version: null, }, { model: "river vxworks", scope: "gte", trust: 0.6, vendor: "wind", version: "6.5,<=7", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0", versionStartIncluding: "6.5", vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2016-20009", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported to CISA that these products are affected by this vulnerability when using some third-party components.", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, cve: "CVE-2016-20009", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2016-20009", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2021-29083", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2016-20009", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2016-20009", trust: 1.8, value: "CRITICAL", }, { author: "CNVD", id: "CNVD-2021-29083", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202103-841", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2016-20009", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wind River VxWorks Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Wind River VxWorks is an operating system of Wind River Company in the United States. The industry-leading real-time operating system for building embedded devices and systems. Remote attackers can use this vulnerability to submit special requests, causing the application to crash or execute arbitrary code in the application context", sources: [ { db: "NVD", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2016-20009", trust: 3.1, }, { db: "SIEMENS", id: "SSA-553445", trust: 1.7, }, { db: "JVN", id: "JVNVU99791395", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2016-009699", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-29083", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-222-06", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2712", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202103-841", trust: 0.6, }, { db: "VULMON", id: "CVE-2016-20009", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, id: "VAR-202103-0365", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, ], }, last_update_date: "2024-05-17T21:12:07.067000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.windriver.com/", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=3f7c93868d7099e31ef639cbd5d52b75", }, { title: "BleepingComputer", trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/", }, ], sources: [ { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu99791395/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2016-20009", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2712", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-222-06", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-553445.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-29083", }, { db: "VULMON", id: "CVE-2016-20009", }, { db: "JVNDB", id: "JVNDB-2016-009699", }, { db: "CNNVD", id: "CNNVD-202103-841", }, { db: "NVD", id: "CVE-2016-20009", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-18T00:00:00", db: "CNVD", id: "CNVD-2021-29083", }, { date: "2021-03-11T00:00:00", db: "VULMON", id: "CVE-2016-20009", }, { date: "2021-11-24T00:00:00", db: "JVNDB", id: "JVNDB-2016-009699", }, { date: "2021-03-11T00:00:00", db: "CNNVD", id: "CNNVD-202103-841", }, { date: "2021-03-11T22:15:12.120000", db: "NVD", id: "CVE-2016-20009", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-18T00:00:00", db: "CNVD", id: "CNVD-2021-29083", }, { date: "2021-08-10T00:00:00", db: "VULMON", id: "CVE-2016-20009", }, { date: "2021-11-24T06:53:00", db: "JVNDB", id: "JVNDB-2016-009699", }, { date: "2022-04-06T00:00:00", db: "CNNVD", id: "CNNVD-202103-841", }, { date: "2024-05-17T01:08:37.820000", db: "NVD", id: "CVE-2016-20009", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wind River VxWorks Out-of-bounds Vulnerability in Microsoft", sources: [ { db: "JVNDB", id: "JVNDB-2016-009699", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202103-841", }, ], trust: 0.6, }, }
cve-2016-20009
Vulnerability from cvelistv5
Published
2021-03-11 21:39
Modified
2024-08-06 03:47
Severity ?
EPSS score ?
Summary
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:47:34.869Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-10T11:06:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], tags: [ "unsupported-when-assigned", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-20009", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", refsource: "MISC", url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-20009", datePublished: "2021-03-11T21:39:25", dateReserved: "2021-03-11T00:00:00", dateUpdated: "2024-08-06T03:47:34.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-03-11 22:15
Modified
2024-11-21 02:47
Severity ?
Summary
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| windriver | vxworks | * | |
| siemens | sgt-100_firmware | * | |
| siemens | sgt-100 | - | |
| siemens | sgt-200_firmware | * | |
| siemens | sgt-200 | - | |
| siemens | sgt-300_firmware | * | |
| siemens | sgt-300 | - | |
| siemens | sgt-400_firmware | * | |
| siemens | sgt-400 | - | |
| siemens | sgt-a20_firmware | * | |
| siemens | sgt-a20 | - | |
| siemens | sgt-a35_firmware | * | |
| siemens | sgt-a35 | - | |
| siemens | sgt-a65_firmware | * | |
| siemens | sgt-a65 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*", matchCriteriaId: "B41CC977-326E-4BEE-BC9A-93A64C8628D4", versionEndIncluding: "7.0", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "988EC5E4-0049-4072-A4BD-BD528C033805", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-100:-:*:*:*:*:*:*:*", matchCriteriaId: "E678D371-C274-4E49-8485-AB3D1835B822", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F25DE38-9193-4350-9B1F-B6441AC7047B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-200:-:*:*:*:*:*:*:*", matchCriteriaId: "CB1B10D2-C5E7-4C0D-9BED-606FB1C01276", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB59465A-3F1C-4035-B6BE-B4F8FAAAB4DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-300:-:*:*:*:*:*:*:*", matchCriteriaId: "15B3EAEB-E209-4A6A-AA04-9497A8D47703", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B39AD60-6DCB-4466-A5AD-98ACCF1E08B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-400:-:*:*:*:*:*:*:*", matchCriteriaId: "8D3FA43D-2BDA-4CBC-B6CB-E674CECAC086", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58C64347-8FB3-403D-A4BA-ABA5FE89AE4A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a20:-:*:*:*:*:*:*:*", matchCriteriaId: "23F32AEA-E2E9-417C-8C86-A08004F377C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a35_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "32671BC6-DBED-41FB-B61F-553A70819FA0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a35:-:*:*:*:*:*:*:*", matchCriteriaId: "1D3F0086-DF1D-4EFF-BA2A-8F9ED2A8FCAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sgt-a65_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15B1A88C-7FC3-456F-A0E5-157EADBF8012", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sgt-a65:-:*:*:*:*:*:*:*", matchCriteriaId: "8F46F8C7-A7DD-4CD4-9DF8-04C7B9ABC89B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "unsupported-when-assigned", ], }, ], descriptions: [ { lang: "en", value: "A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer", }, { lang: "es", value: "** NO COMPATIBLE CUANDO SE ASIGNÓ ** Un desbordamiento del búfer en la región stack de la memoria del cliente DNS en la función ipdnsc_decode_name() afecta a Wind River VxWorks versiones 6.5 hasta 7. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor", }, ], id: "CVE-2016-20009", lastModified: "2024-11-21T02:47:32.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-11T22:15:12.120", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }