Security News > 2020 > December > Script for detecting vulnerable TCP/IP stacks released
Just as ICS-CERT published a new advisory detailing four new vulnerabilities in the Treck TCP/IP stack, Forescout released an open-source tool for detecting whether a network device runs one of the four open-source TCP/IP stacks affected by the Amnesia:33 vulnerabilities.
Previous vulnerability research by JSOF researchers explained how separate branches of the vulnerable stack came to be.
A tool for detecting vulnerable TCP/IP stacks in use.
To help with that, Forescout has created the project-memoria-detector tool - an open-source script that identifies the use of four TCP/IP stacks on a target device via three active fingerprinting methods.
They intend to update the script with detections for other stacks in the future as they disclose additional vulnerabilities, and urge the community to help the tool get better at detecting currently vulnerable TCP/IP stacks or other stacks.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ksWJ10w_Tyc/