286 matches found
UBUNTU-CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service application crash or possibly unspecified other impact, via crafted certificate data to getcertname in gnutls.c...
CVE-2020-12823
OpenConnect 8.09 contains a buffer overflow in get_cert_name (gnutls.c) triggered by crafted certificate data, leading to denial of service (crash) and potential further impact. Multiple connected advisories confirm the issue and note that OpenConnect 8.10 fixes it (upgrading is recommended). The...
CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service application crash or possibly unspecified other impact, via crafted certificate data to getcertname in gnutls.c...
CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service application crash or possibly unspecified other impact, via crafted certificate data to getcertname in gnutls.c...
OpenConnect Input Validation Error Vulnerability
OpenConnect is an open source application for connecting to virtual private networks. A security vulnerability exists in OpenConnect 8.08 and earlier versions, which stems from the program failing to properly handle negative values returned by calls to the 'X509check' function. An attacker could...
CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
DEBIAN-CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
Input validation
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
CVE-2020-12105
OpenConnect (affected: 8.08 and related, e.g., OpenConnect through 8.08) is vulnerable due to mishandling negative return values from X509_check_ function calls, which could enable MITM attacks. Root cause: improper handling in X509-related checks; impact: potential eavesdropping/mitigation failu...
CVE-2020-12105
OpenConnect through 8.08 mishandles negative return values from X509check function calls, which might assist attackers in performing man-in-the-middle attacks...
PT-2020-6927 · Unknown +4 · Openconnect +4
Name of the Vulnerable Software and Affected Versions: OpenConnect versions prior to 8.08 Description: The issue is related to the mishandling of negative return values from X509 check function calls, which could assist attackers in performing man-in-the-middle attacks. This vulnerability is...
The vulnerability of the process_http_response function in applications for connecting to OpenConnect virtual private networks allows a perpetrator to gain unauthorized access to information and compromise its integrity and availability.
The vulnerability of the processhttpresponse function in applications for connecting to OpenConnect virtual private networks is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to information and...
CVE-2013-7098
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...
CVE-2013-7098
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...
DEBIAN-CVE-2013-7098
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...
CVE-2013-7098
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...
Heap overflow
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection...