Overview
Automatic DNS registration and autodiscovery functionality provides an opportunity for the misconfiguration of networks, resulting in a loss of confidentiality and integrity of the network if an attacker on the network adds a specially configured proxy device.
Description
The Web Proxy Automatic Discovery (WPAD) protocol is used to automatically provide proxy configuration information to devices on a network. Clients issue a special DHCP request to obtain the information for the proxy configuration, but will fall back on a DNS request to one of several standardized URLs making use of the subdomain name of “wpad” if a DHCP response is unavailable. An attacker with local area network (LAN) access may be able to add a device with the name “wpad” to the network, which may produce a collision with a standardized WPAD DNS name. Many customer premise home/office routers (including, but not limited to, Google Wifi and Ubiquiti UniFi) automatically register device names as DNS A records on the LAN, which may allow an attacker to utilize a specially named and configured device to act as a WPAD proxy configuration server. The attacker-served proxy configuration can result in the loss of confidentiality and integrity of any network activity by any device that utilizes WPAD. |
Impact
An attacker, with access to the network, could add a malicious device to the network with the name "WPAD". This attacker may be able to utilize DNS auto-registration and auto-discovery to act as a proxy for victims on the network, resulting in a loss of confidentiality and integrity of network activity. |
Solution
Home/office LAN/WLAN routers should not auto-register to their local DNS magic names related to auto-configuration and auto-discovery features should not accept mDNS based names as authoritative sources. |
Vendor Information
ADTRAN Affected
Notified: July 18, 2018 Updated: September 04, 2018
Statement Date: August 30, 2018
Status
Affected
Vendor Statement
ADTRAN has affected products and their advisory will be available at the vendor web site.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Vendor References
MikroTik Affected
Notified: July 18, 2018 Updated: September 19, 2018
Statement Date: September 10, 2018
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Pi-Hole Affected
Updated: October 01, 2018
Statement Date: September 08, 2018
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Synology Affected
Notified: July 18, 2018 Updated: September 05, 2018
Statement Date: July 20, 2018
Status
Affected
Vendor Statement
Synology has prepared updates to the majority of their products to fix this vulnerability. Please check https://www.synology.com/en-global/support/security/Synology_SA_18_53.
Vendor References
- httpDSM6.2.1-23824
- https://www.synology.com/en-us/releaseNote/RT2600ac SRM1.1.7-6941-2
- https://www.synology.com/en-us/releaseNote/FS3017
Addendum
- Synology has released updates to our majority products for fixing the vulnerability:
List of affected products: https://www.synology.com/en-global/support/security/Synology_SA_18_53
- DSM 6.2.1-23824 (https://www.synology.com/en-us/releaseNote/FS3017)
- SRM 1.1.7-6941-2 (https://www.synology.com/en-us/releaseNote/RT2600ac)
We will publish a security advisory after public disclosure. Thank you.
- Synology Security Team.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
TippingPoint Technologies Inc. Affected
Notified: July 18, 2018 Updated: October 23, 2018
Statement Date: October 08, 2018
Status
Affected
Vendor Statement
The WPAD attack mechanism is not filterable by TippingPoint.However, the Jscript payload is filterable.
Here is the list of JS vulnerabilities from Project Zero
The WPAD attack mechanism is not filterable by TippingPoint. However, the Jscript payload is filterable.
Here is the list of JS vulnerabilities from Project Zero + our filters
---------------------------------------
| Google ID | CVE | SigKB |
---------------------------------------
| 1376 | CVE-2017-11903 | 30079 |
| 1340 | CVE-2017-11810 | 29707 |
| 1381 | CVE-2017-11793 | 29705 |
| 1369 | CVE-2017-11890 | 30068 |
| 1383 | CVE-2017-11907 | 30081 |
| 1378 | CVE-2017-11855 | 29918 |
| 1382 | CVE-2017-11906 | - |
---------------------------------------
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ubiquiti Networks Affected
Notified: July 18, 2018 Updated: September 06, 2018
Statement Date: September 05, 2018
Status
Affected
Vendor Statement
The recently launched UniFi Security Gateway firmware (4.4.28) that fix the vulnerability "VU#598349":
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Vendor References
Ceragon Networks Inc Not Affected
Notified: July 18, 2018 Updated: August 22, 2018
Statement Date: August 02, 2018
Status
Not Affected
Vendor Statement
Not Affected.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Check Point Software Technologies Not Affected
Notified: July 18, 2018 Updated: July 20, 2018
Statement Date: July 19, 2018
Status
Not Affected
Vendor Statement
Check Point Software Technologies is not vulnerable to this.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Juniper Networks Not Affected
Notified: July 18, 2018 Updated: July 20, 2018
Statement Date: July 19, 2018
Status
Not Affected
Vendor Statement
Thank you for sending us this report. As per our initial assessment, Juniper routers are unaffected since they do not consider host names provided in DHCP requests. If our devices are found vulnerable we will take steps to fix them and publish advisories on or after public disclosure of this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NLnet Labs Not Affected
Notified: July 18, 2018 Updated: July 23, 2018
Statement Date: July 23, 2018
Status
Not Affected
Vendor Statement
Since NSD does not have DHCP DNS registration and autodiscovery functionality, we need to take no action. So NSD is not vulnerable.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
3com Inc Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
8e6 Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
A10 Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ACCESS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ANTlabs Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ARRIS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ASP Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AT&T Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AVM GmbH Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Actelis Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Actiontec Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Aerohive Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AhnLab Inc Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AirWatch Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Akamai Technologies, Inc. Unknown
Notified: July 23, 2018 Updated: July 23, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alcatel-Lucent Enterprise Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alpha Networks Inc Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alpine Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alvarion Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Amazon Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Android Open Source Project Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Aperto Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Appgate Network Security Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Apple Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Arch Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Arista Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Aruba Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AsusTek Computer Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Atheros Communications, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avaya, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Barnes and Noble Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Barracuda Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Belkin, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Bell Canada Enterprises Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Bit9 Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
BlackBerry Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Bloxx Ltd Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Blue Coat Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
BlueCat Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Blunk Microsystems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Broadcom Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Brocade Communication Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
BullGuard Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CA Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CMX Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cambium Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CentOS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cirpack Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cisco Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Comcast Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Command Software Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Contiki OS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CoreOS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cradlepoint Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cricket Wireless Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
D-Link Systems, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Debian GNU/Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Dell Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Dell EMC Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Dell SecureWorks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
DesktopBSD Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Deutsche Telekom Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Devicescape Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Digi International Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
DragonFly BSD Project Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ENEA Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
EfficientIP SAS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ericsson Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Espressif Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
European Registry for Internet Domains Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Express Logic Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Extreme Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
F-Secure Corporation Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
F5 Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fastly Unknown
Notified: August 29, 2018 Updated: August 29, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fedora Project Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Force10 Networks Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fortinet, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Foundry Brocade Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
FreeBSD Project Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
GFI Software, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
GNU adns Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
GNU glibc Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Geexbox Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Gentoo Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Google Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
HP Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
HTC Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
HardenedBSD Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hewlett Packard Enterprise Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hitachi Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
HomeSeer Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Honeywell Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Huawei Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation (zseries) Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Global Services Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM eServer Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM, INC. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
INTEROP Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Illumos Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
InfoExpress, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Infoblox Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Inmarsat Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intel Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Internet Systems Consortium Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Internet Systems Consortium - DHCP Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Interniche Technologies, inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
JH Software Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Joyent Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Kyocera Communications Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
LANCOM Systems GmbH Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
LG Electronics Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lancope Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lantronix Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lenovo Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Linksys Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lynx Software Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Marvell Semiconductors Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
McAfee Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
MediaTek Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Medtronic Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Men & Mice Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
MetaSwitch Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Micro Focus Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microchip Technology Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microsoft Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microsoft Vulnerability Research Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Miredo Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mitel Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
MontaVista Software, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Motorola, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Muonics, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NAS4Free Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NEC Corporation Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NETSCOUT Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NIKSUN Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NetBSD Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NetBurner Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Netgear, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nexenta Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nixu Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nokia Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nominum Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OmniTI Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenBSD Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenConnect Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenDNS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenIndiana Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Openwall GNU/*/Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Oracle Corporation Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Oryx Embedded Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
PHPIDS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Paessler Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Pantech North America Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Peplink Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Philips Electronics Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
PowerDNS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Proxim, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Pulse Secure Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QLogic Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QNX Software Systems Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QUALCOMM Incorporated Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Quadros Systems Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Quagga Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Quantenna Communications Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Red Hat, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ReefEdge, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Riverbed Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Rocket RTOS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Roku Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ruckus Wireless Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SMC Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SUSE Linux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SafeNet Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Samsung Mobile Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Samsung Semiconductor Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Secure64 Software Corporation Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sierra Wireless Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Slackware Linux Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Snort Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SonicWall Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sonos Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sony Corporation Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sophos, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sourcefire Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sybase Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Symantec Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
TCPWave Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
TP-LINK Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Technicolor Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The Open Group Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group (SCO Unix) Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Tizen Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Toshiba Commerce Solutions Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
TrueOS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Turbolinux Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ubuntu Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Unisys Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
VMware Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Vertical Networks, Inc. Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Wind River Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
WizNET Technology Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Xiaomi Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Xilinx Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Zebra Technologies Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Zephyr Project Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ZyXEL Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
aep NETWORKS Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
dnsmasq Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
eero Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
gdnsd Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
iPass Inc Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
m0n0wall Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
netsnmp Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
netsnmpj Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
pfSENSE Unknown
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- |
| Temporal | 0 | E:ND/RL:ND/RC:ND |
| Environmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
This attack was found, tested and reported by Ossi Salmi, Mika Seppänen, Marko Laakso and Kasper Kyllönen of Arctic Security. We asked help of Jussi Eronen and Iikka Sovanto of NCSC-FI in reaching out the vendor representatives.
This document was written by Laurie Tyzenhaus and Garret Wasserman.
Other Information
| CVE IDs: | CVE-2017-11903, CVE-2017-11810, CVE-2017-11793, CVE-2017-11890, CVE-2017-11907, CVE-2017-11906, CVE-2017-11855 |
| Date Public: | 2018-09-05 |
| Date First Published: | 2018-09-05 |
| Date Last Updated: | 2018-10-23 17:34 UTC |
| Document Revision: | 59 |