CVE-2013-4550 in Bipinfo

Summary

Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

06/12/2013

Disclosure

12/24/2013

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
65880	Duckcorp Bip cryptographic issue	310	Not defined	Official fix	CVE-2013-4550

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!