Debian Security Advisory DSA 2623-1 (openconnect - buffer overflow)

Summary
Kevin Cernekee discovered that a malicious VPN gateway can send crafted responses which trigger stack-based buffer overflows.
Solution
For the stable distribution (squeeze), this problem has been fixed in version 2.25-0.1+squeeze2. We recommend that you upgrade your openconnect packages.
Insight
OpenConnect is an open client for the Cisco AnyConnect VPN.
Affected
openconnect on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References