Blacksheeep

**Name of the Vulnerable Software and Affected Versions** CCN-lite version 2.0.1 **Description** An issue was discovered in the handling of binary CCNx or NDN files, where a heap-based buffer overflow occurs due to an array lacking '0' termination. This can result in heap corruption. The issue is related to the `mkAddToRelayCacheRequest` and `ccnl populate cache` functions. **Recommendations** For CCN-lite version 2.0.1, the issue was addressed by fixing the memory management in `mkAddToRelayCacheRequest` in ccn-lite-ctrl.c. Update the affected function to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** CCN-lite version 2 **Description** The issue arises in the `ccnl prefix to str detailed` function, which can cause a buffer overflow when writing a prefix to the buffer `buf`. The buffer size is defined as `CCNL MAX PREFIX SIZE`, but when NFN is enabled, additional characters such as "NFN" and "R2C" tags are written to the buffer, potentially causing an overflow. This can occur when sending an NFN-R2C packet with a prefix of size `CCNL MAX PREFIX SIZE`. **Recommendations** For CCN-lite version 2, consider disabling NFN support to prevent the buffer overflow in the `ccnl prefix to str detailed` function until a patch is available. Restrict access to the `ccnl prefix to str detailed` function to minimize the risk of exploitation. Avoid using the `buf` buffer with NFN-R2C packets that have a prefix of size `CCNL MAX PREFIX SIZE` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** CCN-lite version 2 **Description** The issue arises from the Parser of NDNTLV in CCN-lite, where it fails to verify if a certain component's length field matches the actual component length. This oversight leads to a buffer overflow and out-of-bounds memory accesses. **Recommendations** For CCN-lite version 2, update the Parser of NDNTLV to include length verification for components to prevent buffer overflow and out-of-bounds memory accesses.

Name of the Vulnerable Software and Affected Versions: CCN-lite versions prior to 2.00 Description: The issue is related to a memory leak in the `ccnl app RX` function, which can be exploited by context-dependent attackers to cause a denial of service due to memory consumption. This occurs when an `envelope s` structure pointer is involved and the packet format is unknown. Recommendations: For versions prior to 2.00, update to version 2.00 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: CCN-lite versions prior to 2.00 Description: The issue is related to an integer overflow in the ndn parse sequence function, allowing context-dependent attackers to have an unspecified impact. This is achieved via vectors involving the `typ` and `vallen` variables. Recommendations: For versions prior to 2.00, update to version 2.00 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: CCN-lite (affected versions not specified) Description: The issue allows context-dependent attackers to cause a denial of service, resulting in an application crash. This can be achieved via vectors involving packets with incorrect L values, specifically through the ccnl ccntlv bytes2pkt function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.