Articles Script to detect vulnerable TCP / IP stacks

Script to detect vulnerable TCP / IP stacks


Forescout has released an open source tool to help identify network devices running TCP / IP stacks affected by the “Amnesia: 33” vulnerability bundle.

We wrote about 33 vulnerabilities in four open source TCP / IP libraries in early December. As noted by cybersecurity researchers, leaky libraries are used in firmware from more than 150 vendors.

In addition, the experts also identified four new vulnerabilities in the Treck TCP / IP stack version and older. By the way, Treck confirmed the presence of security problems .

The most dangerous vulnerability in the bundle – CVE-2020-25066 – has been given a critical status, if exploited, an attacker can cause a DoS, and, more importantly, execute arbitrary code.

Fortunately, the developers have already fixed the identified vulnerabilities, and the researchers did not find any publicly available exploits designed to exploit these particular holes.

As for the Forescout tool, you can find it on GitHub. In essence, this is a script whose main task is to detect the use of one of the four vulnerable TCP / IP stacks.

“Just in case, let us clarify that the script is not devoid of the problem of false positives,” – said representatives of Forescout.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you