Vulnerability Details CVE-2012-3291
Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.7%
CVSS Severity
CVSS v2 Score 7.8
References
- http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/14cae65318d3ef1f7d449e463b72b6934e82f1c2
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079747.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00186.html
- http://www.debian.org/security/2012/dsa-2495
- http://www.infradead.org/openconnect/changelog.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17242
- http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/14cae65318d3ef1f7d449e463b72b6934e82f1c2
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079747.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00186.html
- http://www.debian.org/security/2012/dsa-2495
- http://www.infradead.org/openconnect/changelog.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17242
Products affected by CVE-2012-3291
-
cpe:2.3:a:infradead:openconnect:1.00
-
cpe:2.3:a:infradead:openconnect:1.10
-
cpe:2.3:a:infradead:openconnect:1.20
-
cpe:2.3:a:infradead:openconnect:1.30
-
cpe:2.3:a:infradead:openconnect:1.40
-
cpe:2.3:a:infradead:openconnect:2.00
-
cpe:2.3:a:infradead:openconnect:2.01
-
cpe:2.3:a:infradead:openconnect:2.10
-
cpe:2.3:a:infradead:openconnect:2.11
-
cpe:2.3:a:infradead:openconnect:2.12
-
cpe:2.3:a:infradead:openconnect:2.20
-
cpe:2.3:a:infradead:openconnect:2.21
-
cpe:2.3:a:infradead:openconnect:2.22
-
cpe:2.3:a:infradead:openconnect:2.23
-
cpe:2.3:a:infradead:openconnect:2.24
-
cpe:2.3:a:infradead:openconnect:2.25
-
cpe:2.3:a:infradead:openconnect:2.26
-
cpe:2.3:a:infradead:openconnect:3.00
-
cpe:2.3:a:infradead:openconnect:3.01
-
cpe:2.3:a:infradead:openconnect:3.02
-
cpe:2.3:a:infradead:openconnect:3.11
-
cpe:2.3:a:infradead:openconnect:3.12
-
cpe:2.3:a:infradead:openconnect:3.13
-
cpe:2.3:a:infradead:openconnect:3.14
-
cpe:2.3:a:infradead:openconnect:3.15
-
cpe:2.3:a:infradead:openconnect:3.16
-
cpe:2.3:a:infradead:openconnect:3.17