Lucene search

K

[email protected]NVD:CVE-2011-5268

HistoryDec 24, 2013 - 7:55 p.m.

CVE-2011-5268

2013-12-2419:55:06

CWE-310

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.

Affected configurations

NVD

Node

duckcorpbipRange≤0.8.8

OR

duckcorpbipMatch0.8.0

OR

duckcorpbipMatch0.8.0rc0

OR

duckcorpbipMatch0.8.0rc1

OR

duckcorpbipMatch0.8.1

OR

duckcorpbipMatch0.8.2

OR

duckcorpbipMatch0.8.3

OR

duckcorpbipMatch0.8.4

OR

duckcorpbipMatch0.8.5

OR

duckcorpbipMatch0.8.6

OR

duckcorpbipMatch0.8.7

Node

fedoraprojectfedoraMatch18

OR

fedoraprojectfedoraMatch19

OR

fedoraprojectfedoraMatch20

References

lists.fedoraproject.org/pipermail/package-announce/2013-November/121868.html

lists.fedoraproject.org/pipermail/package-announce/2013-November/122274.html

lists.fedoraproject.org/pipermail/package-announce/2013-November/122278.html

www.openwall.com/lists/oss-security/2014/01/02/9

projects.duckcorp.org/issues/261

projects.duckcorp.org/versions/13

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

Related for NVD:CVE-2011-5268

cve2 ubuntucve2 debiancve2 prion2 nvd1 nessus3 cvelist2 openvas5 mageia1 fedora3