CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-12105 – Gentoo Linux Security Advisory 202006-15
https://notcve.org/view.php?id=CVE-2020-12105
23 Apr 2020 — OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks. OpenConnect versiones hasta 8.08, maneja inapropiadamente los valores de retorno negativos a partir de llamadas de la función X509_check_, lo que podría ayudar a atacantes a llevar a cabo ataques de tipo man-in-the-middle . Multiple vulnerabilities have been found in OpenConnect, the worst of which could result in the arbitrary execution of code. V... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00039.html • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7098
https://notcve.org/view.php?id=CVE-2013-7098
13 Feb 2020 — OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection. El cliente OpenConnect VPN con GnuTLS versión anterior a 5.02, contiene un desbordamiento de la pila si la MTU se incrementa en la reconexión. • http://www.infradead.org/openconnect/changelog.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 10EXPL: 0CVE-2019-16239 – Debian Security Advisory 4607-1
https://notcve.org/view.php?id=CVE-2019-16239
17 Sep 2019 — process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. La función process_http_response en OpenConnect versiones anteriores a 8.05, presenta un desbordamiento de búfer cuando un servidor malicioso utiliza la codificación fragmentada HTTP con tamaños de fragmento especialmente diseñados. Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse a... • http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 1%CPEs: 39EXPL: 0CVE-2012-6128 – Gentoo Linux Security Advisory 201405-18
https://notcve.org/view.php?id=CVE-2012-6128
24 Feb 2013 — Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response. Múltiples desbordamientos de búfer basados en pila en http.c en Openconnect anterior a v4.08 permite a gateways VPN remotos generar una denegación de servicio (caída de la aplicación) mediante un (1) hostname largo, (2) ruta, o (3) cookie en una respuesta. A buffer overflow in OpenConnect cou... • http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/26f752c3dbf69227679fc6bebb4ae071aecec491 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 27EXPL: 0CVE-2012-3291
https://notcve.org/view.php?id=CVE-2012-3291
07 Jun 2012 — Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner. Un desbordamiento de buffer basado en memoria dinámica en OpenConnect v3.18 permite a los servidores remotos provocar una denegación de servicio a través de un "banner" de saludo específicamente modificado. • http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/14cae65318d3ef1f7d449e463b72b6934e82f1c2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •