Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2018-16738

Published: 10/10/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.7 | Impact Score: 1.4 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Tinc

Vulnerability Summary

tinc 1.0.30 up to and including 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tinc-vpn tinc

debian debian linux 9.0

starwindsoftware starwind virtual san v8

Vendor Advisories

Debian Security Advisories: DSA-4312-1 tinc -- security update
Several vulnerabilities were discovered in tinc, a Virtual Private Network (VPN) daemon The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-16738 Michael Yonli discovered a flaw in the implementation of the authentication protocol that could allow a remote attacker to establish an authenticated ...

References

CWE-287https://www.debian.org/security/2018/dsa-4312http://tinc-vpn.org/security/https://www.starwindsoftware.com/security/sw-20190227-0002/http://www.tinc-vpn.org/git/browse?p=tinc%3Ba=commit%3Bh=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5ahttps://nvd.nist.govhttps://www.debian.org/security/./dsa-4312
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook