First published: Fri Dec 11 2020(Updated: )
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata() in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query with a transaction ID that matches the transaction ID of an incoming reply. Provided that the default DNS cache is quite small (only four records) and that the transaction ID has a very limited set of values that is quite easy to guess, this can lead to DNS cache poisoning.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Uip Project Uip | =1.0 | |
Contiki-os Contiki | =3.0 | |
Multiple (open source) picoTCP-NG, Version 1.7.0 and prior | ||
Multiple (open source) picoTCP (EOL), Version 1.7.0 and prior | ||
Multiple (open source) FNET, Version 4.6.3 | ||
Multiple (open source) Nut/Net, Version 5.1 and prior |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-17439 is a vulnerability discovered in uIP 1.0, as used in Contiki 3.0 and other products, that allows arbitrary DNS replies to be parsed if there was any outgoing DNS query.
The severity of CVE-2020-17439 is high, with a severity value of 8.3.
CVE-2020-17439 allows for arbitrary DNS replies to be parsed, which could potentially lead to DNS spoofing or other malicious activities.
The affected software includes uIP 1.0 as used in Contiki 3.0 and other products.
Currently, there are no known fixes for CVE-2020-17439. It is recommended to follow the mitigation steps provided by the vendor or refer to the provided references for any updates.