Legends of IdleOn – I Reject Your RNG And Substitute My Own
Posted by Soatok Dreamseeker on Jan 17 Hello Full Disclosure mailing list! Legends of IdleOn is a popular free-to-play game on Android, iOS, Steam, and...
Buffer over-read in dtls_sha256_update of TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. A buffer over-read exists in the dtls_sha256_update...
Misues same epoch number within TCP lifetime in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. DTLS servers allow remote attackers to reuse...
Assertion failure in check_certificate_request() of TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. An assertion failure in check_certificate_request() causes the...
Buffer over-read in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. Incorrect handling of over-large packets in dtls_ccm_decrypt_message()...
Infinite loop leading to buffer overflow in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. An infinite loop bug exists during the...
Mishandle epoch number in TinyDTLS servers
Posted by Meng Ruijie on Jan 17 About CVE-2021-42142: [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. DTLS servers mishandle the early...
Incorrect handshake in TinyDTLS
Posted by Meng Ruijie on Jan 17 About CVE-2021-42141: [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete...
ODR violation in Redis Raft
Posted by Meng Ruijie on Jan 17 [Suggested description] Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns...
From Email to RAT: Deciphering a VBS Script-Driven Campaign
Authored by Preksha Saxena and Yashvi Shah McAfee Labs has been tracking a sophisticated VBS campaign characterized by obfuscated Visual Basic Scripting (VBS). Initially delivering...