CVE-2020-11901
First published: Wed Jun 17 2020(Updated: )
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Treck TCP/IP | <6.0.1.66 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-006.txt
- https://jsof-tech.com/vulnerability-disclosure-policy/
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
- https://www.dell.com/support/article/de-de/sln321836/dell-response-to-the-ripple20-vulnerabilities
- https://www.jsof-tech.com/ripple20/
- https://www.kb.cert.org/vuls/id/257161
- https://www.kb.cert.org/vuls/id/257161/
- https://www.treck.com
Frequently Asked Questions
What is CVE-2020-11901?
CVE-2020-11901 is a vulnerability in the Treck TCP/IP stack that allows remote code execution through a single invalid DNS response.
How severe is CVE-2020-11901?
CVE-2020-11901 is classified as critical with a severity score of 9.
How does CVE-2020-11901 impact Treck TCP/IP stack?
CVE-2020-11901 allows remote attackers to execute arbitrary code by sending a single invalid DNS response to the Treck TCP/IP stack.
What software versions are affected by CVE-2020-11901?
Versions of the Treck TCP/IP stack up to and including 6.0.1.66 are affected by CVE-2020-11901.
How can I fix CVE-2020-11901?
To fix CVE-2020-11901, users should update to Treck TCP/IP stack version 6.0.1.67 or later.
- agent/weakness
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/treck
- canonical/treck tcp/ip