CVE-2013-1428

Description

Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet.

Affected packages (2)

• Debian/tincfrom 0, < 1.0.19-3
• Debian/tincfrom 0, < 1.0.13-1+squeeze1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1428