5.1

CVE-2013-4550

EPSS 1%
Veröffentlicht 24.12.2013 18:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fedoraproject ≫ Fedora Version18

Fedoraproject ≫ Fedora Version19

Fedoraproject ≫ Fedora Version20

Duckcorp ≫ Bip Version <= 0.8.8

Duckcorp ≫ Bip Version0.8.0

Duckcorp ≫ Bip Version0.8.0 Updaterc0

Duckcorp ≫ Bip Version0.8.0 Updaterc1

Duckcorp ≫ Bip Version0.8.1

Duckcorp ≫ Bip Version0.8.2

Duckcorp ≫ Bip Version0.8.3

Duckcorp ≫ Bip Version0.8.4

Duckcorp ≫ Bip Version0.8.5

Duckcorp ≫ Bip Version0.8.6

Duckcorp ≫ Bip Version0.8.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1%	0.76

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121868.html

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122274.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122278.html

http://www.openwall.com/lists/oss-security/2014/01/02/9

https://projects.duckcorp.org/issues/261

https://projects.duckcorp.org/versions/13

https://nvd.nist.gov/vuln/detail/CVE-2013-4550

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4550

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4550

EUVD