CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
89.0%
GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections.
Vendor | Product | Version | CPE |
---|---|---|---|
opensuse | leap | 42.1 | cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:* |
opensuse | opensuse | 13.2 | cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | * | cpe:2.3:a:gnugk:gnu_gatekeeper:*:beta:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.3 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.3:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.4 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.4:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.5 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.5:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.6 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.6:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.7 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.7:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.8 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.8:*:*:*:*:*:*:* |
gnugk | gnu_gatekeeper | 2.0.9 | cpe:2.3:a:gnugk:gnu_gatekeeper:2.0.9:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-updates/2016-07/msg00070.html
secunia.com/advisories/50343
www.gnugk.org/gnugk-3.1.html
www.openwall.com/lists/oss-security/2012/08/25/3
www.openwall.com/lists/oss-security/2012/08/25/4
www.openwall.com/lists/oss-security/2012/08/27/1
www.osvdb.org/84862
www.securityfocus.com/bid/55198
exchange.xforce.ibmcloud.com/vulnerabilities/77975