CVE-2011-4093Integer Overflow or Wraparound in Burgmeier Net6

CWE-190Integer Overflow or Wraparound6 documents4 sources
Severity
5.8MEDIUMNVD
EPSS
0.4%
top 37.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Armin Burgmeier Net6OpensuseOpensuse Project Opensuse+1 more
Timeline
PublishedFeb 10
Latest updateMay 14

Description

Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages4 packages

NVDarmin_burgmeier/net61.3.13+12
NVDoracle/solaris11.2

🔴Vulnerability Details

2
GHSA
GHSA-fx8p-5v6x-xjjv: Integer overflow in inc/server2022-05-14
CVEList
CVE-2011-4093: Integer overflow in inc/server2014-02-10

💬Community

3
Bugzilla
CVE-2011-4093 CVE-2011-4091 net6 various flaws [fedora-all]2011-11-01
Bugzilla
CVE-2011-4093 net6: integer overflow may lead to connection hijacking2011-11-01
Bugzilla
CVE-2011-4093 CVE-2011-4091 net6 various flaws [epel-all]2011-11-01
CVE-2011-4093 — Integer Overflow or Wraparound | cvebase