Description
Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.
References (6)
Core 6
Core References
Various Sources x_refsource_confirm
http://www.infradead.org/openconnect/changelog.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2012/dsa-2495
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079747.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17242
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-06/msg00186.html
Various Sources x_refsource_confirm
http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/14cae65318d3ef1f7d449e463b72b6934e82f1c2
Scores
EPSS
0.0232
EPSS Percentile
81.5%
Details
CWE
CWE-119
Status
published
Products (27)
infradead/openconnect
1.00
infradead/openconnect
1.10
infradead/openconnect
1.20
infradead/openconnect
1.30
infradead/openconnect
1.40
infradead/openconnect
2.00
infradead/openconnect
2.01
infradead/openconnect
2.10
infradead/openconnect
2.11
infradead/openconnect
2.12
... and 17 more
Published
Jun 07, 2012
Tracked Since
Feb 18, 2026