CVE-2002-1755

Name of the Vulnerable Software and Affected Versions tinc versions 1.0pre3 through 1.0pre4

Description The issue allows remote attackers to inject data into user sessions without detection. This could potentially enable control over the data contents via cut-and-paste attacks on CBC.

Recommendations For versions 1.0pre3 and 1.0pre4, consider implementing additional authentication mechanisms for forwarded packets to prevent unauthorized data injection. As a temporary workaround, restrict access to sensitive data and sessions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.