Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
butok fnet vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-17467
An issue exists in FNET up to and including 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead...
Butok Fnet
9.1
CVSSv3
CVE-2020-24383
An issue exists in FNET up to and including 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or D...
Butok Fnet
7.5
CVSSv3
CVE-2020-17468
An issue exists in FNET up to and including 4.6.4. The code for processing the hop-by-hop header (in the IPv6 extension headers) doesn't check for a valid length of an extension header, and therefore an out-of-bounds read can occur in _fnet_ip6_ext_header_handler_options in ...
Butok Fnet
7.5
CVSSv3
CVE-2020-17469
An issue exists in FNET up to and including 4.6.4. The code for IPv6 fragment reassembly tries to access a previous fragment starting from a network incoming fragment that still doesn't have a reference to the previous one (which supposedly resides in the reassembly list). W...
Butok Fnet
5.3
CVSSv3
CVE-2020-17470
An issue exists in FNET up to and including 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.
Butok Fnet
9.1
CVSSv3
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random.
Butok Fnet 4.6.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started