Search...

CVE-2009-0798

2009-04-24T11:30:00

ID CVE-2009-0798
Type cve
Reporter NVD
Modified 2017-09-28T21:34:02

Description

ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.

JSON Vulners Source

Initial Source

{"id": "CVE-2009-0798", "bulletinFamily": "NVD", "title": "CVE-2009-0798", "description": "ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.", "published": "2009-04-24T11:30:00", "modified": "2017-09-28T21:34:02", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0798", "reporter": "NVD", "references": ["http://www.ubuntu.com/usn/USN-766-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:107", "https://bugzilla.redhat.com/show_bug.cgi?id=494443", "http://www.securityfocus.com/bid/34692", "http://www.redhat.com/support/errata/RHSA-2009-0474.html", "https://bugzilla.redhat.com/show_bug.cgi?id=502583", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50060", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01365.html", "http://www.debian.org/security/2009/dsa-1786", "http://www.gentoo.org/security/en/glsa/glsa-200905-06.xml", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01342.html", "http://www.securitytracker.com/id?1022182"], "cvelist": ["CVE-2009-0798"], "type": "cve", "lastseen": "2017-09-29T14:26:31", "history": [{"bulletin": {"assessment": {"href": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7560", "name": "oval:org.mitre.oval:def:7560", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:tim_hockin:acpid:1.0.6", "cpe:/a:tim_hockin:acpid:0.99.0", "cpe:/a:tim_hockin:acpid:1.0.2", "cpe:/a:tim_hockin:acpid:20010510", "cpe:/a:tim_hockin:acpid:1.0.3", "cpe:/a:tim_hockin:acpid:0.99.1", "cpe:/a:tim_hockin:acpid:1.0.4", "cpe:/a:tim_hockin:acpid:1.0.1", "cpe:/a:tim_hockin:acpid:1.0.8", "cpe:/a:tim_hockin:acpid:1.0.0", "cpe:/a:tim_hockin:acpid:0.99.4"], "cvelist": ["CVE-2009-0798"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.", "edition": 2, "enchantments": {}, "hash": "be49b87709b351eefe574d572cdeb24e511b270a75668bd75e0e46eca4e33f1a", "hashmap": [{"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "9f738d44577c03b686b52d275e9fb47f", "key": "published"}, {"hash": "87e4c44791c2a367ad4e84b43fe91c7e", "key": "title"}, {"hash": "73bfdb2fabbb0c5a83579f2ba3e456b5", "key": "description"}, {"hash": "8877805279cb0b762447fba8ef2c2af3", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "24c3ce87f0475d5c41ebab031eb042b2", "key": "cpe"}, {"hash": "2fceb6ad4577ac8f1f89dd0d962511e9", "key": "cvelist"}, {"hash": "bfdf973c2ae1089189b55711c61caa14", "key": "references"}, {"hash": "e5bc51cef181896fa33a12cfe7fce016", "key": "scanner"}, {"hash": "8432f69361ef8851ddb75b5f125d20f6", "key": "assessment"}, {"hash": "348c3b2c400fdaebb7dbe82cb45909b0", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0798", "id": "CVE-2009-0798", "lastseen": "2017-08-17T11:14:15", "modified": "2017-08-16T21:30:01", "objectVersion": "1.3", "published": "2009-04-24T11:30:00", "references": ["http://www.ubuntu.com/usn/USN-766-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:107", "https://bugzilla.redhat.com/show_bug.cgi?id=494443", "http://www.securityfocus.com/bid/34692", "http://www.redhat.com/support/errata/RHSA-2009-0474.html", "https://bugzilla.redhat.com/show_bug.cgi?id=502583", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50060", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01365.html", "http://www.debian.org/security/2009/dsa-1786", "http://www.gentoo.org/security/en/glsa/glsa-200905-06.xml", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01342.html", "http://www.securitytracker.com/id?1022182"], "reporter": "NVD", "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9955", "name": "oval:org.mitre.oval:def:9955", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}], "title": "CVE-2009-0798", "type": "cve", "viewCount": 0}, "differentElements": ["assessment", "modified"], "edition": 2, "lastseen": "2017-08-17T11:14:15"}, {"bulletin": {"assessment": {"href": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7560", "name": "oval:org.mitre.oval:def:7560", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:tim_hockin:acpid:1.0.6", "cpe:/a:tim_hockin:acpid:0.99.0", "cpe:/a:tim_hockin:acpid:1.0.2", "cpe:/a:tim_hockin:acpid:20010510", "cpe:/a:tim_hockin:acpid:1.0.3", "cpe:/a:tim_hockin:acpid:0.99.1", "cpe:/a:tim_hockin:acpid:1.0.4", "cpe:/a:tim_hockin:acpid:1.0.1", "cpe:/a:tim_hockin:acpid:1.0.8", "cpe:/a:tim_hockin:acpid:1.0.0", "cpe:/a:tim_hockin:acpid:0.99.4"], "cvelist": ["CVE-2009-0798"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.", "edition": 1, "enchantments": {}, "hash": "5546f5ba5c7ce7a24d7767a862b537fca899eecb2fc97d95e3e6a4e0e1612bc6", "hashmap": [{"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "9f738d44577c03b686b52d275e9fb47f", "key": "published"}, {"hash": "87e4c44791c2a367ad4e84b43fe91c7e", "key": "title"}, {"hash": "3a8e06991144d2ccd5f96b62b41a12d6", "key": "references"}, {"hash": "73bfdb2fabbb0c5a83579f2ba3e456b5", "key": "description"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "5642311ba5e557381c2e2b957b36c254", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "24c3ce87f0475d5c41ebab031eb042b2", "key": "cpe"}, {"hash": "2fceb6ad4577ac8f1f89dd0d962511e9", "key": "cvelist"}, {"hash": "e5bc51cef181896fa33a12cfe7fce016", "key": "scanner"}, {"hash": "8432f69361ef8851ddb75b5f125d20f6", "key": "assessment"}, {"hash": "348c3b2c400fdaebb7dbe82cb45909b0", "key": "href"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0798", "id": "CVE-2009-0798", "lastseen": "2016-09-03T12:09:29", "modified": "2010-08-21T01:30:58", "objectVersion": "1.2", "published": "2009-04-24T11:30:00", "references": ["http://www.ubuntu.com/usn/USN-766-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:107", "https://bugzilla.redhat.com/show_bug.cgi?id=494443", "http://www.securityfocus.com/bid/34692", "http://www.redhat.com/support/errata/RHSA-2009-0474.html", "http://xforce.iss.net/xforce/xfdb/50060", "https://bugzilla.redhat.com/show_bug.cgi?id=502583", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01365.html", "http://www.debian.org/security/2009/dsa-1786", "http://www.gentoo.org/security/en/glsa/glsa-200905-06.xml", "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01342.html", "http://www.securitytracker.com/id?1022182"], "reporter": "NVD", "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9955", "name": "oval:org.mitre.oval:def:9955", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}], "title": "CVE-2009-0798", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T12:09:29"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "e8ac7bbaac0d398cdf5067ce848e5f65"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "24c3ce87f0475d5c41ebab031eb042b2"}, {"key": "cvelist", "hash": "2fceb6ad4577ac8f1f89dd0d962511e9"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "73bfdb2fabbb0c5a83579f2ba3e456b5"}, {"key": "href", "hash": "348c3b2c400fdaebb7dbe82cb45909b0"}, {"key": "modified", "hash": "29839846e1676120bb70a7638d6f23a1"}, {"key": "published", "hash": "9f738d44577c03b686b52d275e9fb47f"}, {"key": "references", "hash": "bfdf973c2ae1089189b55711c61caa14"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "e5bc51cef181896fa33a12cfe7fce016"}, {"key": "title", "hash": "87e4c44791c2a367ad4e84b43fe91c7e"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "5253d03aed868bbbb3bff1aad382ad92b46e73594ea983c9f01bab88db6e2971", "viewCount": 0, "enchantments": {"vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:tim_hockin:acpid:1.0.6", "cpe:/a:tim_hockin:acpid:0.99.0", "cpe:/a:tim_hockin:acpid:1.0.2", "cpe:/a:tim_hockin:acpid:20010510", "cpe:/a:tim_hockin:acpid:1.0.3", "cpe:/a:tim_hockin:acpid:0.99.1", "cpe:/a:tim_hockin:acpid:1.0.4", "cpe:/a:tim_hockin:acpid:1.0.1", "cpe:/a:tim_hockin:acpid:1.0.8", "cpe:/a:tim_hockin:acpid:1.0.0", "cpe:/a:tim_hockin:acpid:0.99.4"], "assessment": {"href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7560", "name": "oval:org.mitre.oval:def:7560", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9955", "name": "oval:org.mitre.oval:def:9955", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}]}

{"result": {"nessus": [{"id": "UBUNTU_USN-766-1.NASL", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : acpid vulnerability (USN-766-1)", "description": "It was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38195", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:34:29"}, {"id": "FEDORA_2009-5578.NASL", "type": "nessus", "title": "Fedora 10 : acpid-1.0.6-11.fc10 (2009-5578)", "description": "Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-05-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38941", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:40:47"}, {"id": "FEDORA_2009-5608.NASL", "type": "nessus", "title": "Fedora 9 : acpid-1.0.6-8.fc9 (2009-5608)", "description": "Fixed CVE-2009-0798 (too many open files DoS)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-05-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38942", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:43:25"}, {"id": "GENTOO_GLSA-200905-06.NASL", "type": "nessus", "title": "GLSA-200905-06 : acpid: Denial of Service", "description": "The remote host is affected by the vulnerability described in GLSA-200905-06 (acpid: Denial of Service)\n\n The acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop.\n Impact :\n\n Remote attackers can cause a Denial of Service (CPU consumption and connectivity loss).\n Workaround :\n\n There is no known workaround at this time.", "published": "2009-05-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38887", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:37:09"}, {"id": "REDHAT-RHSA-2009-0474.NASL", "type": "nessus", "title": "RHEL 3 / 4 / 5 : acpid (RHSA-2009:0474)", "description": "An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "published": "2009-05-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38710", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:43:08"}, {"id": "MANDRIVA_MDVSA-2009-107.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : acpid (MDVSA-2009:107-1)", "description": "The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop (CVE-2009-0798).\n\nThe updated packages have been patched to prevent this.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "published": "2009-05-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38707", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:33:21"}, {"id": "DEBIAN_DSA-1786.NASL", "type": "nessus", "title": "Debian DSA-1786-1 : acpid - denial of service", "description": "It was discovered that acpid, a daemon for delivering ACPI events, is prone to a denial of service attack by opening a large number of UNIX sockets, which are not closed properly.", "published": "2009-05-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38667", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:41:44"}, {"id": "ORACLELINUX_ELSA-2009-0474.NASL", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : acpid (ELSA-2009-0474)", "description": "From Red Hat Security Advisory 2009:0474 :\n\nAn updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "published": "2013-07-12T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67855", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:36:34"}, {"id": "CENTOS_RHSA-2009-0474.NASL", "type": "nessus", "title": "CentOS 3 / 4 / 5 : acpid (CESA-2009:0474)", "description": "An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "published": "2009-05-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=38903", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:40:22"}, {"id": "ORACLEVM_OVMSA-2009-0008.NASL", "type": "nessus", "title": "OracleVM 2.1 : acpid (OVMSA-2009-0008)", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\nCVE-2009-0798 \n\nThe daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.\n\n - Updated the License entry\n\n - Fixed CVE-2009-0798 (too many open files DoS)\n\n - Resolves: #496291\n\n - Minor fixes in init script\n\n - Resolves: #237752\n\n - Review of init script\n\n - Fixed fd leaking\n\n - Resolves: #237752 #441686", "published": "2014-11-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=79455", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-29T13:40:30"}], "openvas": [{"id": "OPENVAS:64072", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5608 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5608.", "published": "2009-06-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64072", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-25T10:56:36"}, {"id": "OPENVAS:880915", "type": "openvas", "title": "CentOS Update for acpid CESA-2009:0474 centos4 i386", "description": "Check for the Version of acpid", "published": "2011-08-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880915", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-25T10:55:56"}, {"id": "OPENVAS:136141256231064045", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200905-06 (acpid)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200905-06.", "published": "2009-05-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064045", "cvelist": ["CVE-2009-0798"], "lastseen": "2018-04-06T11:39:17"}, {"id": "OPENVAS:64084", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-5578 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5578.", "published": "2009-06-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64084", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-25T10:56:49"}, {"id": "OPENVAS:63938", "type": "openvas", "title": "Debian Security Advisory DSA 1786-1 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.", "published": "2009-05-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63938", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-24T12:56:11"}, {"id": "OPENVAS:66363", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:107-1 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory MDVSA-2009:107-1.", "published": "2009-12-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66363", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-24T12:56:26"}, {"id": "OPENVAS:136141256231063938", "type": "openvas", "title": "Debian Security Advisory DSA 1786-1 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory DSA 1786-1.", "published": "2009-05-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063938", "cvelist": ["CVE-2009-0798"], "lastseen": "2018-04-06T11:37:39"}, {"id": "OPENVAS:880698", "type": "openvas", "title": "CentOS Update for acpid CESA-2009:0474 centos5 i386", "description": "Check for the Version of acpid", "published": "2011-08-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880698", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-25T10:55:35"}, {"id": "OPENVAS:64045", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200905-06 (acpid)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200905-06.", "published": "2009-05-25T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64045", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-07-24T12:56:46"}, {"id": "OPENVAS:136141256231064084", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-5578 (acpid)", "description": "The remote host is missing an update to acpid\nannounced via advisory FEDORA-2009-5578.", "published": "2009-06-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064084", "cvelist": ["CVE-2009-0798"], "lastseen": "2018-04-06T11:39:29"}], "seebug": [{"id": "SSV:5115", "type": "seebug", "title": "acpid\u5957\u63a5\u5b57\u8017\u5c3d\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "description": "BUGTRAQ ID: 34692\r\nCVE(CAN) ID: CVE-2009-0798\r\n\r\nACPID\u662f\u4e00\u4e2a\u7075\u6d3b\u3001\u53ef\u6269\u5c55\u7684ACPI\u4e8b\u4ef6\u9012\u9001\u5b88\u62a4\u7a0b\u5e8f\u3002\r\n\r\nacpid\u5b88\u62a4\u7a0b\u5e8f\u5904\u7406\u51fa\u9519\u60c5\u51b5\u7684\u65b9\u5f0f\u5b58\u5728\u9519\u8bef\uff0c\u5373\u4f7f\u5df2\u7ecf\u5173\u95ed\u4e86\u5957\u63a5\u5b57\u7684\u53e6\u4e00\u7aef\uff0c\u4e5f\u53ef\u4ee5\u901a\u8fc7\u5f3a\u5236\u4e0d\u5173\u95ed\u5f00\u653e\u7684UNIX\u5957\u63a5\u5b57\u5bfc\u81f4\u5b88\u62a4\u7a0b\u5e8f\u9677\u5165\u6b7b\u5faa\u73af\uff0c\u8017\u5c3d\u5927\u91cfCPU\u8d44\u6e90\u5e76\u59a8\u788d\u5408\u6cd5\u8fdb\u7a0b\u4e0eacpid\u7684\u901a\u8baf\u3002\n\nacpid acpid 1.0.8\r\nacpid acpid 1.0.3\r\nacpid acpid 1.0.1\n acpid\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://sourceforge.net/project/downloading.php?group_id=33140&filename=acpid-1.0.10.tar.gz&a=32826711 target=_blank rel=external nofollow>http://sourceforge.net/project/downloading.php?group_id=33140&filename=acpid-1.0.10.tar.gz&a=32826711</a>", "published": "2009-04-28T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-5115", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-11-19T18:52:20"}], "oraclelinux": [{"id": "ELSA-2009-0474", "type": "oraclelinux", "title": "acpid security update", "description": "[1.0.4-7.el5_3.1]\n- Updated the License entry\n- Fixed CVE-2009-0798 (too many open files DoS)\n- Resolves: #496291 ", "published": "2009-05-07T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-0474.html", "cvelist": ["CVE-2009-0798"], "lastseen": "2016-09-04T11:16:40"}], "gentoo": [{"id": "GLSA-200905-06", "type": "gentoo", "title": "acpid: Denial of Service", "description": "### Background\n\nacpid is a daemon for the Advanced Configuration and Power Interface (ACPI). \n\n### Description\n\nThe acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop. \n\n### Impact\n\nRemote attackers can cause a Denial of Service (CPU consumption and connectivity loss). \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll acpid users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-power/acpid-1.0.10\"", "published": "2009-05-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200905-06", "cvelist": ["CVE-2009-0798"], "lastseen": "2016-09-06T19:46:40"}], "centos": [{"id": "CESA-2009:0474", "type": "centos", "title": "acpid security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:0474\n\n\nacpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015846.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015859.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015861.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015873.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015874.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015883.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015926.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015927.html\n\n**Affected packages:**\nacpid\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0457.html\nhttps://rhn.redhat.com/errata/RHSA-2009-0474.html", "published": "2009-05-07T21:36:32", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015846.html", "cvelist": ["CVE-2009-0798"], "lastseen": "2017-10-12T14:46:07"}], "redhat": [{"id": "RHSA-2009:0474", "type": "redhat", "title": "(RHSA-2009:0474) Moderate: acpid security update", "description": "acpid is a daemon that dispatches ACPI (Advanced Configuration and Power\nInterface) events to user-space programs.\n\nAnthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw\nin the acpid daemon's error handling. If an attacker could exhaust the\nsockets open to acpid, the daemon would enter an infinite loop, consuming\nmost CPU resources and preventing acpid from communicating with legitimate\nprocesses. (CVE-2009-0798)\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct this issue.", "published": "2009-05-07T04:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2009:0474", "cvelist": ["CVE-2009-0798"], "lastseen": "2018-05-27T21:43:23"}], "ubuntu": [{"id": "USN-766-1", "type": "ubuntu", "title": "acpid vulnerability", "description": "It was discovered that acpid did not properly handle a large number of connections. A local user could exploit this and monopolize CPU resources, leading to a denial of service.", "published": "2009-04-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/766-1/", "cvelist": ["CVE-2009-0798"], "lastseen": "2018-03-29T18:17:24"}], "debian": [{"id": "DSA-1786", "type": "debian", "title": "acpid -- denial of service", "description": "It was discovered that acpid, a daemon for delivering ACPI events, is prone to a denial of service attack by opening a large number of UNIX sockets, which are not closed properly.\n\nFor the stable distribution (lenny), this problem has been fixed in version 1.0.8-1lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in version 1.0.4-5etch1.\n\nFor the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 1.0.10-1.\n\nWe recommend that you upgrade your acpid packages.", "published": "2009-05-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1786", "cvelist": ["CVE-2009-0798"], "lastseen": "2016-09-02T18:19:16"}], "vmware": [{"id": "VMSA-2010-0006", "type": "vmware", "title": "ESX Service Console updates for samba and acpid", "description": "a. Service Console update for samba to 3.0.33-3.15.el5_4.1 \nThis update changes the samba packages to samba-client-3.0.33-3.15.el5_4.1 and samba-common-3.0.33-3.15.el5_4.1. These versions include fixes for security issues that were first fixed in samba-client-3.0.33-0.18.el4_8 and samba-common-3.0.33-0.18.el4_8. \n \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the names CVE-2009-2906, CVE-2009-1888,CVE-2009-2813 and CVE-2009-2948 to these issues. \n \nThe following table lists what action remediates the vulnerability (column 4) if a solution is available. \n\n", "published": "2010-04-01T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2010-0006.html", "cvelist": ["CVE-2009-2813", "CVE-2009-2906", "CVE-2009-0798", "CVE-2009-1888", "CVE-2009-2948"], "lastseen": "2016-09-04T11:19:28"}]}}