CVE-2013-4550

24.12.2013, 18:55

Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	5.1 UNKNOWN	NETWORK	HIGH	AV:N/AC:H/Au:N/C:P/I:P/A:P
redhat	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 76%

Vendor	Product	Version
duckcorp	bip	𝑥 ≤ 0.8.8
duckcorp	bip	0.8.0
duckcorp	bip	0.8.0:rc0
duckcorp	bip	0.8.0:rc1
duckcorp	bip	0.8.1
duckcorp	bip	0.8.2
duckcorp	bip	0.8.3
duckcorp	bip	0.8.4
duckcorp	bip	0.8.5
duckcorp	bip	0.8.6
duckcorp	bip	0.8.7

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

bip

bullseye	0.9.0~rc4-1 fixed
wheezy	no-dsa
squeeze	no-dsa
bookworm	0.9.3-1 fixed
sid	0.9.3-1.1 fixed
trixie	0.9.3-1.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

bip

saucy	Fixed 0.8.8-2ubuntu1.1 released
raring	Fixed 0.8.8-2ubuntu0.13.04.1 released
quantal	Fixed 0.8.8-2ubuntu0.12.10.1 released
precise	Fixed 0.8.8-1ubuntu0.3 released
lucid	ignored

Common Weakness Enumeration

CWE-310 -

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121868.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122274.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122278.html

http://www.openwall.com/lists/oss-security/2014/01/02/9