CVE-2010-3903

Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code.

Published: Oct 14, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3903
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
infradead / openconnect	1.40	1.40.x
infradead / openconnect	1.00	1.00.x
infradead / openconnect	1.30	1.30.x
infradead / openconnect	2.00	2.00.x
infradead / openconnect	2.21	2.21.x
infradead / openconnect	-	2.22.x
infradead / openconnect	2.11	2.11.x
infradead / openconnect	1.10	1.10.x
infradead / openconnect	2.10	2.10.x
infradead / openconnect	2.01	2.01.x
infradead / openconnect	2.12	2.12.x
infradead / openconnect	2.20	2.20.x
infradead / openconnect	1.20	1.20.x

http://www.infradead.org/openconnect.html

Vulnerability Database

290,206

CVE-2010-3903