Описание
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openconnect | unfixed | package | ||
| openconnect | not-affected | jessie | package |
Примечания
https://gitlab.com/openconnect/openconnect/-/merge_requests/96
Only an issue if building with OpenSSL, where Debian binary packages use
GnuTLS.
Связанные уязвимости
CVSS3: 5.9
ubuntu
почти 6 лет назад
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
CVSS3: 5.9
nvd
почти 6 лет назад
OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
