Download
| Alert*
|
oval:org.secpod.oval:def:1801322
CVE-2018-16737: tinc 1.0.29 and earlier allow an oracle attack that could allow a remote attacker to establish one-way communication with a tinc node, allowing it to send fake control messages and inject packets into the VPN. The attack takes only a few seconds to complete. Tinc 1.1pre14 and earlier ... oval:org.secpod.oval:def:1801315 CVE-2018-16737: tinc 1.0.29 and earlier allow an oracle attack that could allow a remote attacker to establish one-way communication with a tinc node, allowing it to send fake control messages and inject packets into the VPN. The attack takes only a few seconds to complete. Tinc 1.1pre14 and earlier ... oval:org.secpod.oval:def:1801318 CVE-2018-16737: tinc 1.0.29 and earlier allow an oracle attack that could allow a remote attacker to establish one-way communication with a tinc node, allowing it to send fake control messages and inject packets into the VPN. The attack takes only a few seconds to complete. Tinc 1.1pre14 and earlier ... oval:org.secpod.oval:def:115686 tinc is a Virtual Private Network daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. Because the tunnel appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This tunnelling allows ... oval:org.secpod.oval:def:115682 tinc is a Virtual Private Network daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. Because the tunnel appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This tunnelling allows ... oval:org.secpod.oval:def:1901399 tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. |
