Lucene search
+L

332 matches found

AlpineLinux
AlpineLinux
added 2023/04/12 4:15 p.m.27 views

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

6.5CVSS6.6AI score0.00964EPSS
Exploits1
OSV
OSV
added 2023/04/12 4:15 p.m.4 views

UBUNTU-CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

6.5CVSS6.2AI score0.00964EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/04/12 12:0 a.m.4 views

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

7.5AI score0.00964EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/04/12 12:0 a.m.24 views

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

6.9AI score0.00964EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2023/04/12 12:0 a.m.53 views

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

6.5CVSS6.5AI score0.00964EPSS
Exploits1
OSV
OSV
added 2023/04/12 12:0 a.m.14 views

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

6.5CVSS7AI score0.00964EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/04/12 12:0 a.m.5 views

Connman 缓冲区错误漏洞

Connman is a connection manager. A security vulnerability exists in ConnMan version 1.41 and earlier. An attacker could exploit the vulnerability to cause a buffer overflow on the stack and a denial of service, which could terminate the connman process...

6.5CVSS6.7AI score0.00964EPSS
Exploits1References8
CVE
CVE
added 2023/04/12 12:0 a.m.91 views

CVE-2023-28488

CVE-2023-28488 affects the gdhcp client in ConnMan (up to v1.41). A network-adjacent attacker crafting DHCP server traffic can trigger a stack-based buffer overflow, causing denial of service and connman termination. Public connected documents confirm affected products and fixes by distro: Debian...

6.5CVSS6.5AI score0.00964EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.6 views

SUSE CVE-2012-2321

The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 host name or 2 domain name in a DHCP reply...

10CVSS7.5AI score0.05712EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.1 views

SUSE CVE-2012-2322

Integer overflow in the dhcpv6getoption function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service infinite loop and crash via an invalid length value in a DHCP packet...

5CVSS6.7AI score0.0323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.2 views

SUSE CVE-2012-2320

ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message...

7.8CVSS6.4AI score0.02525EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-26676

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp...

6.5CVSS6.6AI score0.01212EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-26675

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code...

8.8CVSS9AI score0.01301EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.3 views

SUSE CVE-2021-33833

ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA...

8.8CVSS9.7AI score0.02863EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.4 views

SUSE CVE-2022-23097

An issue was discovered in the DNS proxy in Connman through 1.40. forwarddnsreply mishandles a strnlen call, leading to an out-of-bounds read...

9.1CVSS7.9AI score0.02372EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

9.1CVSS8AI score0.02598EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received...

7.5CVSS7.6AI score0.02485EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.2 views

SUSE CVE-2022-32292

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code...

9.8CVSS9.8AI score0.02392EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.3 views

SUSE CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

8.1CVSS8.2AI score0.0152EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.15 views

The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.

The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.6AI score0.02392EPSS
Exploits0References10Affected Software6
Rows per page
Query Builder