Security researchers at Forescout in cooperation with JSOF experts discovered multiple vulnerabilities affecting millions of servers, industrial and «smart» devices.

The vulnerabilities, dubbed NAME:WRECK, is related to how TCP/IP stacks implement DNS traffic. Exploitation of vulnerabilities can cause denial of service (DoS) condition or remote code execution (RCE). Thus, attackers can disable target devices or take over control.

NAME:WRECK affects the DNS implementations in the following TCP/IP stacks:

• FreeBSD (vulnerable version: 12.1) - one of the most popular operating system in the BSD family

• IPnet (vulnerable version: VxWorks 6.6) - initially developed by Interpeak, it is now under WindRiver maintenance and used by VxWorks real-time operating system (RTOS)

• NetX (vulnerable version: 6.0.1) - part of the ThreadX RTOS, it is now an open-source project maintained by Microsoft under the name Azure RTOS NetX

• Nucleus NET (vulnerable version: 4.3) - part of the Nucleus RTOS maintained by Mentor Graphics, a Siemens business, it is used in medical, industrial, consumer, aerospace, and Internet of Things devices.

The experts reported their findings to the stack developers, FreeBSD, Nucleus NET and NetX received fixes. IPNet still contains NAME:WRECK vulnerabilities.

Source: securitylab.ru; bleepingcomputer.com