Candidate: CVE-2012-4435
PublicDate: 2012-10-22 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4435
 http://seclists.org/oss-sec/2012/q3/509
Description:
 fwknop before 2.0.3 does not properly validate IP addresses, which allows
 remote authenticated users to cause a denial of service (server crash) via
 a long IP address.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688151
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_fwknop:
 upstream: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=f4c16bc47fc24a96b63105556b62d61c1ba7d799
upstream_fwknop: released (2.0.3)
hardy_fwknop: DNE
lucid_fwknop: ignored (reached end-of-life)
natty_fwknop: ignored (reached end-of-life)
oneiric_fwknop: ignored (reached end-of-life)
precise_fwknop: ignored (reached end-of-life)
precise/esm_fwknop: DNE (precise was needs-triage)
quantal_fwknop: released (2.0.3-1)
raring_fwknop: not-affected (2.0.3-2ubuntu1)
saucy_fwknop: not-affected (2.0.3-2ubuntu1)
trusty_fwknop: not-affected (2.0.3-2ubuntu1)
trusty/esm_fwknop: DNE (trusty was not-affected [2.0.3-2ubuntu1])
utopic_fwknop: not-affected (2.0.3-2ubuntu1)
vivid_fwknop: not-affected (2.0.3-2ubuntu1)
vivid/stable-phone-overlay_fwknop: DNE
vivid/ubuntu-core_fwknop: DNE
wily_fwknop: not-affected (2.0.3-2ubuntu1)
xenial_fwknop: not-affected (2.0.3-2ubuntu1)
yakkety_fwknop: not-affected (2.0.3-2ubuntu1)
zesty_fwknop: not-affected (2.0.3-2ubuntu1)
devel_fwknop: not-affected (2.0.3-2ubuntu1)