Lucene search

[email protected]CVE-2009-4660

HistoryMar 03, 2010 - 8:30 p.m.

CVE-2009-4660

2010-03-0320:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4660

stack-based buffer overflow

bigant im server

antserver module

remote code execution

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.215 Low

EPSS

Percentile

96.5%

JSON

Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.

Affected configurations

NVD

Node

bigantsoftbigant_messengerMatch2.50

CPENameOperatorVersion
bigantsoft:bigant_messengerbigantsoft bigant messengereq2.50

CPE	Name	Operator	Version
bigantsoft:bigant_messenger	bigantsoft bigant messenger	eq	2.50

References

secunia.com/advisories/36704

www.attrition.org/pipermail/vim/2009-September/002271.html

www.exploit-db.com/exploits/9673

www.exploit-db.com/exploits/9690

www.securityfocus.com/bid/36407

www.vupen.com/english/advisories/2009/2679

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.215 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2009-4660

nvd1 openvas2 cvelist1 prion1