CVE-2012-6128

Published: Feb 24, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

MDVSA-2013:108

vendor-advisory

x_refsource_MANDRIVA

http://www.infradead.org/openconnect/changelog.html

x_refsource_CONFIRM

[oss-security] 20130212 Re: CVE request: openconnect buffer overflow

mailing-list

x_refsource_MLIST

DSA-2623

vendor-advisory

x_refsource_DEBIAN

openconnect-vpngateway-bo(82058)

vdb-entry

x_refsource_XF

57884

vdb-entry

x_refsource_BID

openSUSE-SU-2013:0979

vendor-advisory

x_refsource_SUSE

http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/26f752c3dbf69227679fc6bebb4ae071aecec491

x_refsource_CONFIRM

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0060

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6128

Description

Affected Products

References