CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-16737
https://notcve.org/view.php?id=CVE-2018-16737
08 Oct 2018 — tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. tinc en versiones anteriores a la 1.0.30 tiene un protocolo de autenticación roto, incluso sin una mitigación parcial. • http://tinc-vpn.org/security • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16738 – Debian Security Advisory 4312-1
https://notcve.org/view.php?id=CVE-2018-16738
08 Oct 2018 — tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1. tinc, desde la versión 1.0.30 hasta la 1.0.34 tiene un protocolo de autenticación roto, aunque hay una mitigación parcial. Esto se ha solucionado en la versión 1.1. Several vulnerabilities were discovered in tinc, a Virtual Private Network (VPN) daemon. • http://tinc-vpn.org/security • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16758 – Debian Security Advisory 4312-1
https://notcve.org/view.php?id=CVE-2018-16758
08 Oct 2018 — Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. La falta de autenticación de mensajes en el protocolo meta en Tinc VPN en versiones 1.0.34 y anteriores permite que un ataque Man-in-the-Middle (MitM) deshabilite el cifrado de paquetes VPN. Several vulnerabilities were discovered in tinc, a Virtual Private Network (VPN) daemon. • http://tinc-vpn.org/security • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 65%CPEs: 8EXPL: 2CVE-2013-1428 – Tincd - (Authenticated) Remote TCP Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-1428
26 Apr 2013 — Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet. Desbordamiento de búfer en la función receive_tcppacket en net_packet.c en tinc anteriores a v1.0.21 y v1.1 anteriores a v1.1pre7 permite a pares de remotos autenticados para provocar una denegación de servicio (caída) o posiblemente ejecutar código a través ... • https://packetstorm.news/files/id/129343 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •