Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2013-1428

Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet.

  • Published: Apr 26, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-1428
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

Software From Fixed in
tinc-vpn / tinc - 1.1.x
tinc-vpn / tinc 1.1-pre4 1.1-pre4.x
tinc-vpn / tinc 1.0.17 1.0.17.x
tinc-vpn / tinc 1.0.18 1.0.18.x
tinc-vpn / tinc 1.1-pre3 1.1-pre3.x
tinc-vpn / tinc - 1.0.20.x
tinc-vpn / tinc 1.1-pre5 1.1-pre5.x
tinc-vpn / tinc 1.0.19 1.0.19.x