CVSS Base Vector:
The remote host is missing an update for the 'openconnect'
Linux Distribution Package(s) announced via the DSA-1945-1 advisory.
Checks if a vulnerable Linux Distribution Package version is present on the target host.
A vulnerability was discovered by Lukas Kupczyk of the Advanced Research
Team at CrowdStrike Intelligence in OpenConnect, an open client for
Cisco AnyConnect, Pulse, GlobalProtect VPN. A malicious HTTP server
(after its identity certificate has been accepted) can provide bogus
chunk lengths for chunked HTTP encoding and cause a heap overflow.
'openconnect' Linux Distribution Package(s) on Debian Linux.
For Debian 8 'Jessie', this problem has been fixed in version
We recommend that you upgrade your openconnect Linux Distribution Packages.
Linux Distribution Package
Debian Local Security Checks
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: