CVE-2013-1428

🗓️ 26 Apr 2013 16:00:00Reported by debianType

Stack-based buffer overflow in receive_tcppacket function in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause denial of service or execute arbitrary code via large TCP packe

Reporter	Title	Published	Views	Family All 31
0day.today	Tincd Post-Authentication Remote TCP Stack Buffer Overflow Exploit	2 Dec 201400:00	–	zdt
FreeBSD	tinc -- Buffer overflow	26 Jan 201300:00	–	freebsd
Circl	CVE-2013-1428	2 Dec 201400:00	–	circl
Cvelist	CVE-2013-1428	26 Apr 201316:00	–	cvelist
Debian	[SECURITY] [DSA 2663-1] tinc security update	22 Apr 201321:07	–	debian
Debian CVE	CVE-2013-1428	26 Apr 201316:00	–	debiancve
Tenable Nessus	Debian DSA-2663-1 : tinc - stack based buffer overflow	23 Apr 201300:00	–	nessus
Tenable Nessus	Fedora 19 : tinc-1.0.21-1.fc19 (2013-7085)	26 May 201300:00	–	nessus
Tenable Nessus	Fedora 18 : tinc-1.0.21-1.fc18 (2013-7120)	15 May 201300:00	–	nessus
Tenable Nessus	Fedora 17 : tinc-1.0.21-1.fc17 (2013-7128)	15 May 201300:00	–	nessus

NVD

Node

tinc-vpn tincRange≤1.0.20

tinc-vpn tincRange≤1.1pre6

tinc-vpn tincMatch1.0.17

tinc-vpn tincMatch1.0.18

tinc-vpn tincMatch1.0.19

tinc-vpn tincMatch1.1pre3

tinc-vpn tincMatch1.1pre4

tinc-vpn tincMatch1.1pre5

Source	Link
securityfocus	www.securityfocus.com/bid/59369
secunia	www.secunia.com/advisories/53108
tinc-vpn	www.tinc-vpn.org/pipermail/tinc/2013-April/003240.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2013-May/105531.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2013-May/106167.html
osvdb	www.osvdb.org/92653
tinc-vpn	www.tinc-vpn.org/news/
freecode	www.freecode.com/projects/tinc/releases/354122
lists	www.lists.fedoraproject.org/pipermail/package-announce/2013-May/105559.html
debian	www.debian.org/security/2013/dsa-2663

29 Apr 2026 01:13Current

7.9High risk

Vulners AI Score7.9

CVSS 26.5

EPSS0.65516

CWE-119