Your submission was sent successfully! Close

CVE-2011-5268

Published: 24 December 2013

connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.

Priority

Medium

Status

Package Release Status
bip
Launchpad, Ubuntu, Debian
Upstream
Released (0.8.9-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(0.8.9-1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [0.8.9-1])