Lucene search

[email protected]CVE-2005-1391

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1391

2005-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1391

buffer overflow

apsis pound

remote code execution

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.105 Low

EPSS

Percentile

94.9%

JSON

Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header.

CPENameOperatorVersion
apsis:poundapsis poundeq1.8.2

CPE	Name	Operator	Version
apsis:pound	apsis pound	eq	1.8.2

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=307852

secunia.com/advisories/15142

secunia.com/advisories/15202

secunia.com/advisories/15679

secunia.com/advisories/18381

security.gentoo.org/glsa/glsa-200504-29.xml

securitytracker.com/id?1013824

www.apsis.ch/pound/pound_list/archive/2005/2005-04/1114516112000

www.debian.org/security/2005/dsa-934

www.osvdb.org/15963

www.securityfocus.com/bid/13436

www.vupen.com/english/advisories/2005/0437

exchange.xforce.ibmcloud.com/vulnerabilities/20316

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.105 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2005-1391

gentoo1 debiancve1 nessus2 openvas4 ubuntucve1 osv1 securityvulns1 debian2