CVE-2012-3291

OpenConnect <3.18 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.

References (6)

Core 6
Core References
Various Sources x_refsource_confirm
http://www.infradead.org/openconnect/changelog.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2495
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079747.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17242
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-06/msg00186.html

Scores

EPSS 0.0232
EPSS Percentile 81.5%

Details

CWE
CWE-119
Status published
Products (27)
infradead/openconnect 1.00
infradead/openconnect 1.10
infradead/openconnect 1.20
infradead/openconnect 1.30
infradead/openconnect 1.40
infradead/openconnect 2.00
infradead/openconnect 2.01
infradead/openconnect 2.10
infradead/openconnect 2.11
infradead/openconnect 2.12
... and 17 more
Published Jun 07, 2012
Tracked Since Feb 18, 2026