Lucene search

[email protected]CVE-2009-0650

HistoryFeb 20, 2009 - 6:30 p.m.

CVE-2009-0650

2009-02-2018:30:00

CWE-119

[email protected]

web.nvd.nist.gov

security

buffer overflow

denial of service

arbitrary code execution

vulnerability

tptest

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

tptesttptestRange≤3.1.7

tptesttptestMatch5.0.2

CPENameOperatorVersion
tptest:tptesttptestle3.1.7
tptest:tptesttptesteq5.0.2

CPE	Name	Operator	Version
tptest:tptest	tptest	le	3.1.7
tptest:tptest	tptest	eq	5.0.2

References

secunia.com/advisories/33972

www.securityfocus.com/bid/33785

exchange.xforce.ibmcloud.com/vulnerabilities/48781

www.exploit-db.com/exploits/8058

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.025 Low

EPSS

Percentile

90.2%

JSON

Related for CVE-2009-0650

openvas3 nvd1 nessus2 prion1 cvelist1 gentoo1