5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.006 Low
EPSS
Percentile
77.8%
Multiple stack-based buffer overflows in BOINC 6.13.x allow remote
attackers to cause a denial of service (crash) via a long trickle-up to (1)
client/cs_trickle.cpp or (2) db/db_base.cpp.
Author | Note |
---|---|
jdstrand | per upstream, only 6.x affected |
boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=5b04b249db166ec38c1ee99a9eadcaa300c0f454
boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=ae04b50a71f3e96ee1bc59b76fca97cf0fe976f7
www.openwall.com/lists/oss-security/2013/04/28/3
launchpad.net/bugs/cve/CVE-2011-5280
nvd.nist.gov/vuln/detail/CVE-2011-5280
security-tracker.debian.org/tracker/CVE-2011-5280
www.cve.org/CVERecord?id=CVE-2011-5280