Описание
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tinc | fixed | 1.0.35-1 | package | |
| tinc | not-affected | jessie | package |
Примечания
http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a
This CVE is specific for tinc versions which did had mitigations put
in place for the Sweet32 attack in tinc 1.0.30.
EPSS
Процентиль: 55%
0.00324
Низкий
Связанные уязвимости
CVSS3: 3.7
ubuntu
больше 7 лет назад
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.
CVSS3: 3.7
nvd
больше 7 лет назад
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.
CVSS3: 3.7
github
больше 3 лет назад
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1.
EPSS
Процентиль: 55%
0.00324
Низкий