connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bip | Duckcorp | * | 0.8.8 (including) |
| Bip | Duckcorp | 0.8.0 (including) | 0.8.0 (including) |
| Bip | Duckcorp | 0.8.0-rc0 (including) | 0.8.0-rc0 (including) |
| Bip | Duckcorp | 0.8.0-rc1 (including) | 0.8.0-rc1 (including) |
| Bip | Duckcorp | 0.8.1 (including) | 0.8.1 (including) |
| Bip | Duckcorp | 0.8.2 (including) | 0.8.2 (including) |
| Bip | Duckcorp | 0.8.3 (including) | 0.8.3 (including) |
| Bip | Duckcorp | 0.8.4 (including) | 0.8.4 (including) |
| Bip | Duckcorp | 0.8.5 (including) | 0.8.5 (including) |
| Bip | Duckcorp | 0.8.6 (including) | 0.8.6 (including) |
| Bip | Duckcorp | 0.8.7 (including) | 0.8.7 (including) |
| Bip | Ubuntu | lucid | * |
| Bip | Ubuntu | precise | * |
| Bip | Ubuntu | quantal | * |
| Bip | Ubuntu | raring | * |
| Bip | Ubuntu | saucy | * |
| Bip | Ubuntu | upstream | * |