Vulnerabilities > CCN Lite

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2018-12889 Out-of-bounds Write vulnerability in Ccn-Lite 2.0.1
An issue was discovered in CCN-lite 2.0.1.
network
low complexity
ccn-lite CWE-787
7.5
2018-02-14 CVE-2018-7039 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite 2.0.0
CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments.
network
low complexity
ccn-lite CWE-119
7.5
2018-02-13 CVE-2018-6953 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite 2.0.0
In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.
network
low complexity
ccn-lite CWE-119
7.5
2018-02-13 CVE-2018-6948 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite 2.0.0
In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf.
network
low complexity
ccn-lite CWE-119
7.5
2018-02-07 CVE-2017-12473 Improper Input Validation vulnerability in Ccn-Lite
ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers to cause a denial of service (application crash) via vectors involving packets with "wrong L values."
network
low complexity
ccn-lite CWE-20
5.0
2018-02-07 CVE-2017-12472 NULL Pointer Dereference vulnerability in Ccn-Lite
ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc.
network
low complexity
ccn-lite CWE-476
7.5
2018-02-07 CVE-2017-12471 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite
The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function.
network
low complexity
ccn-lite CWE-119
7.5
2018-02-07 CVE-2017-12470 Integer Overflow or Wraparound vulnerability in Ccn-Lite
Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the typ and vallen variables.
network
low complexity
ccn-lite CWE-190
7.5
2018-02-07 CVE-2017-12469 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite
Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging incorrect memory allocation.
network
low complexity
ccn-lite CWE-119
7.5
2018-02-07 CVE-2017-12468 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ccn-Lite
Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables.
network
low complexity
ccn-lite CWE-119
7.5