Debian Security Update DSA-4607 openconnect - security update

Thread starter LinuxBot
Start date Jan 21, 2020

LinuxBot

Member

Jan 21, 2020

Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server (after having accepted its identity certificate), can provide bogus chunk lengths for chunked HTTP encoding and cause a heap-based buffer overflow.

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Staff online

wizardfromoz
Administrator
K

KGIII
Super Moderator

Members online

Total: 861 (members: 9, guests: 852)

Latest posts

K
Installing and configuring Brave browser on Debian 11
- Latest: KGIII
- 1 minute ago
General Linux Questions
Impartiality Of Distro Choices Advocated At This Site
- Latest: bob466
- 1 minute ago
Forum Assistance
USB ports issue - really slow
- Latest: Alexzee
- Yesterday at 8:36 PM
General Computing
K
Autostart applications on Fedora.
- Latest: KGIII
- Yesterday at 8:27 PM
Fedora
M
Lenovo Legion 7i Gen8 Kernel NULL pointer dereference
- Latest: mburge
- Yesterday at 5:54 PM
Laptops / Netbooks

Top