Vulnerability Details : CVE-2013-1428
Public exploit exists!
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet.
Vulnerability category: OverflowExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2013-1428
Probability of exploitation activity in the next 30 days: 5.47%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2013-1428
-
Tincd Post-Authentication Remote TCP Stack Buffer Overflow
Disclosure Date: 2013-04-22First seen: 2020-04-26exploit/multi/vpn/tincd_bofThis module exploits a stack buffer overflow in Tinc's tincd service. After authentication, a specially crafted tcp packet (default port 655) leads to a buffer overflow and allows to execute arbitrary code. This module has been tested with tinc-1.1pre6 on Windows XP
CVSS scores for CVE-2013-1428
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2013-1428
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1428
-
http://www.tinc-vpn.org/pipermail/tinc/2013-April/003240.html
[Announcement] Tinc version 1.0.21 and 1.1pre7 releasedVendor Advisory
-
http://www.debian.org/security/2013/dsa-2663
Debian -- Security Information -- DSA-2663-1 tinc
-
https://github.com/gsliepen/tinc/commit/17a33dfd95b1a29e90db76414eb9622df9632320
Drop packets forwarded via TCP if they are too big (CVE-2013-1428). · gsliepen/tinc@17a33df · GitHub
-
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105559.html
[SECURITY] Fedora 18 Update: tinc-1.0.21-1.fc18
-
http://www.securityfocus.com/bid/59369
tinc CVE-2013-1428 Stack Buffer Overflow Vulnerability
-
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106167.html
[SECURITY] Fedora 19 Update: tinc-1.0.21-1.fc19
-
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105531.html
[SECURITY] Fedora 17 Update: tinc-1.0.21-1.fc17
-
http://freecode.com/projects/tinc/releases/354122
All releases of tinc – Freecode
-
http://www.tinc-vpn.org/news/
news
Products affected by CVE-2013-1428
- cpe:2.3:a:tinc-vpn:tinc:*:*:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:*:pre6:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.1:pre4:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.1:pre3:*:*:*:*:*:*
- cpe:2.3:a:tinc-vpn:tinc:1.1:pre5:*:*:*:*:*:*