Lucene search
HistoryMar 03, 2010 - 8:30 p.m.
CVE-2009-4658
xerver
cve-2009-4658
denial of service
remote authentication
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.0%
Xerver 4.32 allows remote authenticated users to cause a denial of service (daemon crash) via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authenticated attackers using CVE-2009-4657.
Affected configurations
Node
omidrouhanixerverMatch4.32
| CPE | Name | Operator | Version |
|---|---|---|---|
| omidrouhani:xerver | omidrouhani xerver | eq | 4.32 |
Related
cvelist
cvelist
CVE-2009-4658
2010-03-03 20:00:00
CVE-2009-4657
2010-03-03 20:00:00
nvd
nvd
CVE-2009-4658
2010-03-03 20:30:00
CVE-2009-4657
2010-03-03 20:30:00
openvas
openvas
Xerver HTTP Server Web Administration Denial of Service Vulnerability
2010-03-10 00:00:00
Xerver HTTP Server Web Administration <= 4.32 DoS Vulnerability
2010-03-10 00:00:00
prion
prion
Code injection
2010-03-03 20:30:00
Authentication flaw
2010-03-03 20:30:00
cve
cve
CVE-2009-4657
2010-03-03 20:30:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.0%
Related for CVE-2009-4658