Buffer overflow in the run_last_args function in client/fwknop.c in fwknop before 2.0.3, when processing --last, might allow local users to cause a denial of service (client crash) and possibly execute arbitrary code via many .fwknop.run arguments.
Max CVSS
4.4
EPSS Score
0.04%
Published
2012-10-22
Updated
2012-11-08
fwknop before 2.0.3 does not properly validate IP addresses, which allows remote authenticated users to cause a denial of service (server crash) via a long IP address.
Max CVSS
4.0
EPSS Score
11.70%
Published
2012-10-22
Updated
2017-08-29
fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.
Max CVSS
8.8
EPSS Score
2.50%
Published
2020-01-09
Updated
2020-01-10
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!