近期CVE通告treck开发并广泛使用的底层TCP/IP库中出现19个0day漏洞,我司使用的两个IPS产品是否受影响。
我司的两个IPS信息:
H3C SecPath T1000-C /软件版本:i-Ware software, Version 1.10, Ess 1222P10,序列号:210235A0EWH156000001
TippingPoinT IPS 330 /Product Code:TPT-330, Serial NumberU330C-99A2-941F TOS Version:2.5.5.6994
零日漏洞信息:
CVE-2020-11896 - Malformed IPv4 Tunnelled Packets Processing Remote Code Execution Vulnerability
CVE-2020-11897 - Malformed IPv6 Packets Processing Out Of Bounds Read Write Vulnerability
CVE-2020-11898 - Malformed IPv4 Packets Processing Out Of Bounds Read Vulnerability
CVE-2020-11899 - Improper Input Validation in IPv6 handling Our Of Bounds Read Vulnerability
CVE-2020-11900 - Double free in IPv4 tunnelling compnent
CVE-2020-11901 - DNS Response Processing Remote Code Execution Vulnerability
CVE-2020-11902 - Out of Bounds Read when processing IPv6OverIPv4 packets
CVE-2020-11903 - Out Of Bounds Read processing DHCP response
CVE-2020-11904 - Integer overflow in memory allocation
CVE-2020-11905 - Out Of Bounds read in DHCPv6 component
CVE-2020-11906 - Integer Underflow in Ethernet Link Layer Component
CVE-2020-11907 - Integer Underflow in TCP processing
CVE-2020-11908 - Improper Null Termination in DHCP component
CVE-2020-11909 - Improper input validation in IPv4 component
CVE-2020-11910 - Improper input validation in ICMPv4 component
CVE-2020-11911 - Improper Access Control in ICMPv4 component
CVE-2020-11912 - Improper Input Validation in TCP component
CVE-2020-11913 - Improper Input Validation in IPv6 component
CVE-2020-11914 - Improper Input Validation in ARP component
(0)
最佳答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论