CVE-2023-28488

Published: 12/04/2023 Updated: 31/05/2023
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

client.c in gdhcp in ConnMan up to and including 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.

Vulnerable Product

intel connman

Vendor Advisories

Debian Bug report logs - #1034393
connman: CVE-2023-28488
Package: src:connman; Maintainer for src:connman is Vignesh Raman <vigneshraman@collabora.com>
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 14 Apr 2023 07:24:01 UTC
Severity: important
Tags: security, upstream
Found in version connman/1 ...

It was discovered that there was a potential buffer overflow and denial of service vulnerability in the gdhcp client implementation of connman, a command-line network manager designed for use on embedded devices. For the stable distribution (bullseye), this problem has been fixed in version 1.36-2.2+deb11u2. We recommend that you upgrade your connma ...

Github Repositories

🕳️ Proof of Concept exploits and their descriptions for various products

Proofs of Concepts, Exploits, CVE

ConnMan
ConnMan is a command-line network manager designed for use with embedded devices and fast resolve times

CVE ID: CVE-2023-28488
Score: ?
Description: Integer underflow and subsequent stack buffer overflow gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers to cause a denial of service, terminating the connman