Lucene search

Tinc Security Vulnerabilities

cve

CVE-2018-16737

tinc before 1.0.30 has a broken authentication protocol, without even a partial...

5.3CVSS

5.2AI Score

0.002EPSS

2018-10-10 09:29 PM

cve

CVE-2018-16758

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN...

5.9CVSS

5.5AI Score

0.001EPSS

2018-10-10 09:29 PM

cve

CVE-2018-16738

tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in...

3.7CVSS

4.6AI Score

0.003EPSS

2018-10-10 09:29 PM

cve

CVE-2013-1428

Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP...

7.7AI Score

0.055EPSS

2013-04-26 04:55 PM

cve

CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on...

7AI Score

0.003EPSS

2002-12-31 05:00 AM

cve

CVE-2001-1505

tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying...

6.9AI Score

0.007EPSS

2001-12-31 05:00 AM