What is the severity of CVE-2012-6128?

CVE-2012-6128 is classified as having a high severity due to the potential for denial of service and application crashes.

How do I fix CVE-2012-6128?

To fix CVE-2012-6128, you should update OpenConnect to version 4.08 or later.

What software is affected by CVE-2012-6128?

CVE-2012-6128 affects multiple versions of OpenConnect prior to version 4.08.

What type of vulnerability is CVE-2012-6128?

CVE-2012-6128 is a stack-based buffer overflow vulnerability.

Can CVE-2012-6128 be exploited remotely?

Yes, CVE-2012-6128 can be exploited remotely by sending specifically crafted long hostnames, paths, or cookie lists.

Vulnerability/
CVE-2012-6128

medium

CWE

119

24/2/2013

6/8/2024

CVE-2012-6128: Buffer Overflow

First published: Sun Feb 24 2013(Updated: )

Multiple stack-based buffer overflows in http.c in OpenConnect before 4.08 allow remote VPN gateways to cause a denial of service (application crash) via a long (1) hostname, (2) path, or (3) cookie list in a response.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
infradead OpenConnect	<=4.07
infradead OpenConnect	=1.00
infradead OpenConnect	=1.10
infradead OpenConnect	=1.20
infradead OpenConnect	=1.30
infradead OpenConnect	=1.40
infradead OpenConnect	=2.00
infradead OpenConnect	=2.01
infradead OpenConnect	=2.10
infradead OpenConnect	=2.11
infradead OpenConnect	=2.12
infradead OpenConnect	=2.20
infradead OpenConnect	=2.21
infradead OpenConnect	=2.22
infradead OpenConnect	=2.23
infradead OpenConnect	=2.24
infradead OpenConnect	=2.25
infradead OpenConnect	=2.26
infradead OpenConnect	=3.00
infradead OpenConnect	=3.01
infradead OpenConnect	=3.02
infradead OpenConnect	=3.11
infradead OpenConnect	=3.12
infradead OpenConnect	=3.13
infradead OpenConnect	=3.14
infradead OpenConnect	=3.15
infradead OpenConnect	=3.16
infradead OpenConnect	=3.17
infradead OpenConnect	=3.18
infradead OpenConnect	=3.19
infradead OpenConnect	=3.20
infradead OpenConnect	=3.99
infradead OpenConnect	=4.00
infradead OpenConnect	=4.01
infradead OpenConnect	=4.02
infradead OpenConnect	=4.03
infradead OpenConnect	=4.04
infradead OpenConnect	=4.05
infradead OpenConnect	=4.06

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-6128?
CVE-2012-6128 is classified as having a high severity due to the potential for denial of service and application crashes.
How do I fix CVE-2012-6128?
To fix CVE-2012-6128, you should update OpenConnect to version 4.08 or later.
What software is affected by CVE-2012-6128?
CVE-2012-6128 affects multiple versions of OpenConnect prior to version 4.08.
What type of vulnerability is CVE-2012-6128?
CVE-2012-6128 is a stack-based buffer overflow vulnerability.
Can CVE-2012-6128 be exploited remotely?
Yes, CVE-2012-6128 can be exploited remotely by sending specifically crafted long hostnames, paths, or cookie lists.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/weakness
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/infradead
canonical/infradead openconnect
version/infradead openconnect/4.07
version/infradead openconnect/1.00
version/infradead openconnect/1.10
version/infradead openconnect/1.20
version/infradead openconnect/1.30
version/infradead openconnect/1.40
version/infradead openconnect/2.00
version/infradead openconnect/2.01
version/infradead openconnect/2.10
version/infradead openconnect/2.11
version/infradead openconnect/2.12
version/infradead openconnect/2.20
version/infradead openconnect/2.21
version/infradead openconnect/2.22
version/infradead openconnect/2.23
version/infradead openconnect/2.24
version/infradead openconnect/2.25
version/infradead openconnect/2.26
version/infradead openconnect/3.00
version/infradead openconnect/3.01
version/infradead openconnect/3.02
version/infradead openconnect/3.11
version/infradead openconnect/3.12
version/infradead openconnect/3.13
version/infradead openconnect/3.14
version/infradead openconnect/3.15
version/infradead openconnect/3.16
version/infradead openconnect/3.17
version/infradead openconnect/3.18
version/infradead openconnect/3.19
version/infradead openconnect/3.20
version/infradead openconnect/3.99
version/infradead openconnect/4.00
version/infradead openconnect/4.01
version/infradead openconnect/4.02
version/infradead openconnect/4.03
version/infradead openconnect/4.04
version/infradead openconnect/4.05
version/infradead openconnect/4.06

CVE-2012-6128: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-6128?

How do I fix CVE-2012-6128?

What software is affected by CVE-2012-6128?

What type of vulnerability is CVE-2012-6128?

Can CVE-2012-6128 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2012-6128?

How do I fix CVE-2012-6128?

What software is affected by CVE-2012-6128?

What type of vulnerability is CVE-2012-6128?

Can CVE-2012-6128 be exploited remotely?