CVE-2011-5268

Severity

43%

Complexity

86%

Confidentiality

48%

connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.

connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P).

Overview

First reported 11 years ago

2013-12-24 19:55:00

Last updated 11 years ago

2014-01-04 04:35:00

Affected Software

duckcorp bip 0.8.0

0.8.0

duckcorp bip 0.8.0 release candidate 0

0.8.0

duckcorp bip 0.8.0 release candidate 1

0.8.0

duckcorp bip 0.8.1

0.8.1

duckcorp bip 0.8.2

0.8.2

duckcorp bip 0.8.3

0.8.3

duckcorp bip 0.8.4

0.8.4

duckcorp bip 0.8.5

0.8.5

duckcorp bip 0.8.6

0.8.6

duckcorp bip 0.8.7

0.8.7

Fedora 18

18

Fedora 19

19

Fedora 20

20

References

FEDORA-2013-21006

FEDORA-2013-21060

FEDORA-2013-21018

[oss-security] 20140102 Re: Duplicated CVE assignment for bip

https://projects.duckcorp.org/issues/261

Patch

https://projects.duckcorp.org/versions/13

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.