connection.c in Bip prior to 0.8.9 does not properly close sockets, which allows remote malicious users to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
duckcorp bip 0.8.1 |
||
duckcorp bip 0.8.2 |
||
duckcorp bip 0.8.3 |
||
duckcorp bip 0.8.4 |
||
duckcorp bip 0.8.0 |
||
duckcorp bip 0.8.5 |
||
duckcorp bip 0.8.6 |
||
duckcorp bip 0.8.7 |
||
duckcorp bip |
||
fedoraproject fedora 20 |
||
fedoraproject fedora 19 |
||
fedoraproject fedora 18 |