NotCVE - vendor:"Connman" product:"Connman" version:"0.60"

Page 2 of 12 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-23098

https://notcve.org/view.php?id=CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received. Se ha detectado un problema en el proxy DNS en Connman versiones hasta 1.40. La implementación de la respuesta del servidor TCP presenta un bucle infinito si no son recibidos datos • https://git.kernel.org/pub/scm/network/connman/connman.git/log https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html https://security.gentoo.org/glsa/202310-21 https://www.debian.org/security/2022/dsa-5231 https://www.openwall.com/lists/oss-security/2022/01/25/1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-26676

https://notcve.org/view.php?id=CVE-2021-26676

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. Los atacantes adyacentes a la red podían usar gdhcp en ConnMan versiones anteriores a 1.39, para filtrar información confidencial de la pila, lo que permitiría una mayor explotación de los errores en gdhcp • https://bugzilla.suse.com/show_bug.cgi?id=1181751 https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1 https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog https://kunnamon.io/tbone https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html https://security.gentoo.org/glsa/202107-29 https://www.debia •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-26675

https://notcve.org/view.php?id=CVE-2021-26675

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. Un desbordamiento de búfer en la región stack de la memoria en dnsproxy en ConnMan versiones anteriores a 1.39, podría ser usado por atacantes adyacentes a la red para ejecutar código • https://bugzilla.suse.com/show_bug.cgi?id=1181751 https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog https://kunnamon.io/tbone https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html https://security.gentoo.org/glsa/202107-29 https://www.debian.org/security/2021/dsa-4847 https://www.openwall.com/lists/oss-security/2021/02/08/2 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 0

CVE-2017-12865

https://notcve.org/view.php?id=CVE-2017-12865

Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. Un desbordamiento de búfer basado en pila en "dnsproxy.c" en connman 1.34 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bloqueo) o ejecuten código arbitrario mediante una cadena de consulta de respuesta manipulada pasada a la variable "name". • http://www.debian.org/security/2017/dsa-3956 http://www.securityfocus.com/bid/100498 https://01.org/security/intel-oss-10001/intel-oss-10001 https://bugzilla.redhat.com/show_bug.cgi?id=1483720 https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 https://security.gentoo.org/glsa/201812-02 https://www.nri-secure.com/blog/new-iot-vulnerability-connmando • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 8%CPEs: 84EXPL: 0

CVE-2012-2320

https://notcve.org/view.php?id=CVE-2012-2320

ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message. ConnMan antes 0.85 no garantiza que los mensajes netlink se originen en el núcleo, lo que permite a atacantes remotos eludir restricciones de acceso y provocar una denegación de servicio a través de un mensaje netlink modificado. • http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618 http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=c1b968984212b46bea1330f5ae029507b9bfded9 http://secunia.com/advisories/49033 http://secunia.com/advisories/49186 http://security.gentoo.org/glsa/glsa-201205-02.xml http://www.openwall.com/lists/oss-security/2012/05/07/10 http://www.openwall.com/lists/oss-security/2012/05/07/2 http://www.openwall.com/lists/oss-securi • CWE-264: Permissions, Privileges, and Access Controls •

1 2 3