ID CVE-2013-7098
Summary OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.
References
Vulnerable Configurations
  • cpe:2.3:a:infradead:openconnect:1.00:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:1.00:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:1.20:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:1.30:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:1.30:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:1.40:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:1.40:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.00:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.00:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.01:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.01:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.11:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.20:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.21:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.22:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.23:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.24:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.25:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.25:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:2.26:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.00:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.00:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.01:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.01:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.02:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.02:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.12:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.13:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.14:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.16:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.17:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.17:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.18:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.19:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.19:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.20:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:3.99:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:3.99:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.00:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.00:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.01:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.01:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.02:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.02:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.03:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.03:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.04:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.04:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.05:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.05:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.06:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.06:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.07:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.07:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.08:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.08:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:4.99:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:4.99:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:5.00:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:5.00:*:*:*:*:*:*:*
  • cpe:2.3:a:infradead:openconnect:5.01:*:*:*:*:*:*:*
    cpe:2.3:a:infradead:openconnect:5.01:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 20-02-2020 - 21:41)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm http://www.infradead.org/openconnect/changelog.html
Last major update 20-02-2020 - 21:41
Published 13-02-2020 - 23:15
Last modified 20-02-2020 - 21:41
Back to Top