Tens of millions of Internet-connected devices — including medical equipment, storage systems, servers, firewalls, commercial network equipment, and consumer Internet of Things (IoT) products — are open to potential remote code execution and denial-of-service attacks because of vulnerable DNS implementations.
A recent study by Forescout Research Labs and JSOF Research has uncovered a set of nine vulnerabilities in four TCP/IP stacks present in billions of devices worldwide. The four affected stacks are FreeBSD, Nucleus NET, NetX, and IPnet.
"These vulnerabilities affect many devices because of the widespread nature of implementations in TCP/IP stacks," says Daniel dos Santos, research manager at Forescout. Significantly, such vulnerabilities are likely to be more widespread than just on TCP/IP stacks, he says. "Any software that processes DNS packets may be affected, such as firewalls, intrusion detection systems, and other network appliances," dos Santos says. "That is why we are releasing tools for other researchers and developers to find and fix these problems."
FreeBSD is used in many high-performance servers, printers, firewalls, and embedded systems deployed on IT networks around the world, including at major companies such as Yahoo and Netflix. Nucleus NET is part of Nucleus RTOS, a real-time operating system from Siemens that is used in many industrial, medical, automation, and airborne systems. The OS is most commonly found in devices used for building automation and in operational technology and VoIP environments. NetX is com ..