Debian Security Advisory DSA 2495-1 (openconnect) Network Vulnerability

Summary

The remote host is missing an update to openconnect announced via advisory DSA 2495-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202495-1

Insight

A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service. For the stable distribution (squeeze), this problem has been fixed in version 2.25-0.1+squeeze1. For the unstable distribution (sid), this problem has been fixed in version 3.18-1. We recommend that you upgrade your openconnect packages.

Severity

Classification

CVE CVE-2012-3291

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Debian Security Advisory DSA 009-1 (stunnel)
Debian Security Advisory DSA 102-1 (at)
Debian Security Advisory DSA 108-1 (wmtv)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 074-1 (wmaker)

Take action and discover your vulnerabilities