Vulnerabilities > CVE-2009-5009 - Resource Management Errors vulnerability in Infradead Openconnect

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

infradead

CWE-399

NVD

Published: 2010-10-14

Updated: 2024-11-21

Summary

Double free vulnerability in OpenConnect before 1.40 might allow remote AnyConnect SSL VPN servers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted DTLS Cipher option during a reconnect operation.

Vulnerable Configurations

Part	Description	Count
Application	Infradead Infradead Openconnect 1.00 Infradead Openconnect 1.10 Infradead Openconnect 1.20 Infradead Openconnect 1.30	4

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.infradead.org/openconnect.html
http://www.infradead.org/openconnect.html