CVE-2012-3534 — Improper Restriction of Operations within the Bounds of a Memory Buffer in GNU Gatekeeper

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

1.7%

top 17.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnugk GNU Gatekeeper Opensuse Leap Opensuse

Timeline

PublishedAug 31

Latest updateMay 14

Description

GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDgnugk/gnu_gatekeeper3.1+24

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.2

🔴Vulnerability Details

GHSA

GHSA-449j-8m8x-cp6f: GNU Gatekeeper before 3↗2022-05-14

▶