Integer overflow in Armin_burgmeier Net6

CVE-2011-4093

Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of ano…

Vulnerability class: Integer Overflow

EPSS: 0.004 (62.9th percentile) — read the EPSS interpretation.

Affected products

Armin_burgmeier Net6 — versions 1.3.1, 1.3.2, 1.3.3
Opensuse_project Opensuse — versions 11.4
Oracle Solaris — versions 11.2
Opensuse — versions 11.3
N/a — versions n/a

Weakness classification (CWE)

CWE-190 — Integer Overflow or Wraparound

References

secalert@redhat.com (x_refsource_CONFIRM, VDB Entry, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM, VDB Entry, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
openSUSE-SU-2012:0008 (vendor-advisory, Third Party Advisory, x_refsource_SUSE)
openSUSE-SU-2012:0040 (vendor-advisory, Third Party Advisory, x_refsource_SUSE)
[oss-security] 20111031 Re: CVE request: 3 flaws in libobby and libnet6 (mailing-list, x_refsource_MLIST, Third Party Advisory)