OpenConnect VPN Gateway Stack Based Buffer Overflow Vulnerability

OpenConnect is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds check the user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.


 

Privacy Statement
Copyright 2010, SecurityFocus