Multiple stack-based buffer overflows in http.c in OpenConnect prior to 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infradead openconnect 3.16 |
||
infradead openconnect 3.15 |
||
infradead openconnect 3.00 |
||
infradead openconnect 2.26 |
||
infradead openconnect 2.12 |
||
infradead openconnect 2.11 |
||
infradead openconnect 1.00 |
||
infradead openconnect 3.17 |
||
infradead openconnect 4.02 |
||
infradead openconnect 3.02 |
||
infradead openconnect 3.01 |
||
infradead openconnect 2.21 |
||
infradead openconnect 2.20 |
||
infradead openconnect 1.20 |
||
infradead openconnect 1.10 |
||
infradead openconnect 4.00 |
||
infradead openconnect 4.01 |
||
infradead openconnect 3.14 |
||
infradead openconnect 3.13 |
||
infradead openconnect 2.25 |
||
infradead openconnect 2.24 |
||
infradead openconnect 2.10 |
||
infradead openconnect 2.01 |
||
infradead openconnect 2.00 |
||
infradead openconnect 3.18 |
||
infradead openconnect 3.19 |
||
infradead openconnect 4.04 |
||
infradead openconnect 4.05 |
||
infradead openconnect 3.12 |
||
infradead openconnect 3.11 |
||
infradead openconnect 2.23 |
||
infradead openconnect 2.22 |
||
infradead openconnect 1.40 |
||
infradead openconnect 1.30 |
||
infradead openconnect 3.20 |
||
infradead openconnect 3.99 |
||
infradead openconnect 4.06 |
||
infradead openconnect |
||
infradead openconnect 4.03 |