2020年10月29日 星期四

[USN-4565-1] OpenConnect vulnerability

 ---------- Forwarded message ---------

From: Paulo Flabiano Smorigo <pfsmorigo@canonical.com>

Date: Oct 6, 2020 9:51PM

It was discovered that OpenConnect has a buffer overflow when a malicious

server uses HTTP chunked encoding with crafted chunk sizes. An attacker

could use it to provoke a denial of service (crash).

References:

  https://usn.ubuntu.com/4565-1

  CVE-2019-16239

張貼者:
標籤:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)