ID:8009 - Exploit for Improper Handling of Length Parameter Inconsistency in TCP/IP stack - CVE-2020-11898

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:8009 - Exploit for Improper Handling of Length Parameter Inconsistency in TCP/IP stack - CVE-2020-11898

ID:8009 - Exploit for Improper Handling of Length Parameter Inconsistency in TCP/IP stack - CVE-2020-11898

Published: June 9, 2022


Vulnerability identifier: #VU29091
Vulnerability risk: Medium
CVE-ID: CVE-2020-11898
CWE-ID: CWE-130
Exploitation vector: Remote access
Vulnerable software:
TCP/IP stack

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to improper handling of length parameter inconsistency in Pv4/ICMPv4 component. A remote attacker can send a specially crafted packet and trigger out-of-bounds read, leading to information disclosure or denial of service condition.


Remediation

Install updates from vendor's website.