duckcorp bip 0.8.4

CPE Details

duckcorp bip 0.8.4
duckcorp
bip
0.8.4
2012-01-27
16h38 +00:00
2012-02-16
19h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:duckcorp:bip:0.8.4:*:*:*:*:*:*:*

Informations

Vendor

duckcorp

Product

bip

Version

0.8.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-5268 2013-12-24 18h00 +00:00 connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.
4.3
CVE-2013-4550 2013-12-24 17h00 +00:00 Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268.
5.1
CVE-2012-0806 2012-01-26 23h00 +00:00 Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors.
6.5
CVE-2010-3071 2010-10-12 19h00 +00:00 bip before 0.8.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an empty USER command.
5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.