Lucene search

[email protected]NVD:CVE-2014-4909

HistoryJul 29, 2014 - 2:55 p.m.

CVE-2014-4909

2014-07-2914:55:07

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.04 Low

EPSS

Percentile

92.1%

JSON

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.

Affected configurations

NVD

Node

canonicalubuntu_linuxMatch12.04-lts

canonicalubuntu_linuxMatch13.10

canonicalubuntu_linuxMatch14.04lts

fedoraprojectfedoraMatch20

gentoolinux

Node

transmissionbttransmissionRange≤2.83

transmissionbttransmissionMatch0.1

transmissionbttransmissionMatch0.2

transmissionbttransmissionMatch0.3

transmissionbttransmissionMatch0.4

transmissionbttransmissionMatch0.5

transmissionbttransmissionMatch0.6

transmissionbttransmissionMatch0.6.1

transmissionbttransmissionMatch0.70

transmissionbttransmissionMatch0.71

transmissionbttransmissionMatch0.72

transmissionbttransmissionMatch0.80

transmissionbttransmissionMatch0.81

transmissionbttransmissionMatch0.82

transmissionbttransmissionMatch0.90

transmissionbttransmissionMatch0.91

transmissionbttransmissionMatch0.92

transmissionbttransmissionMatch0.93

transmissionbttransmissionMatch0.94

transmissionbttransmissionMatch0.95

transmissionbttransmissionMatch0.96

transmissionbttransmissionMatch1.00

transmissionbttransmissionMatch1.01

transmissionbttransmissionMatch1.02

transmissionbttransmissionMatch1.2

transmissionbttransmissionMatch1.03

transmissionbttransmissionMatch1.04

transmissionbttransmissionMatch1.05

transmissionbttransmissionMatch1.06

transmissionbttransmissionMatch1.10

transmissionbttransmissionMatch1.11

transmissionbttransmissionMatch1.20

transmissionbttransmissionMatch1.21

transmissionbttransmissionMatch1.22

transmissionbttransmissionMatch1.30

transmissionbttransmissionMatch1.31

transmissionbttransmissionMatch1.32

transmissionbttransmissionMatch1.33

transmissionbttransmissionMatch1.34

transmissionbttransmissionMatch1.40

transmissionbttransmissionMatch1.41

transmissionbttransmissionMatch1.42

transmissionbttransmissionMatch1.50

transmissionbttransmissionMatch1.51

transmissionbttransmissionMatch1.52

transmissionbttransmissionMatch1.53

transmissionbttransmissionMatch1.54

transmissionbttransmissionMatch1.60

transmissionbttransmissionMatch1.61

transmissionbttransmissionMatch1.70

transmissionbttransmissionMatch1.71

transmissionbttransmissionMatch1.72

transmissionbttransmissionMatch1.73

transmissionbttransmissionMatch1.74

transmissionbttransmissionMatch1.75

transmissionbttransmissionMatch1.76

transmissionbttransmissionMatch1.77

transmissionbttransmissionMatch1.80

transmissionbttransmissionMatch1.81

transmissionbttransmissionMatch1.82

transmissionbttransmissionMatch1.83

transmissionbttransmissionMatch1.90

transmissionbttransmissionMatch1.91

transmissionbttransmissionMatch1.92

transmissionbttransmissionMatch1.93

transmissionbttransmissionMatch2.00

transmissionbttransmissionMatch2.01

transmissionbttransmissionMatch2.02

transmissionbttransmissionMatch2.03

transmissionbttransmissionMatch2.04

transmissionbttransmissionMatch2.10

transmissionbttransmissionMatch2.11

transmissionbttransmissionMatch2.12

transmissionbttransmissionMatch2.13

transmissionbttransmissionMatch2.20

transmissionbttransmissionMatch2.21

transmissionbttransmissionMatch2.22

transmissionbttransmissionMatch2.30

transmissionbttransmissionMatch2.31

transmissionbttransmissionMatch2.32

transmissionbttransmissionMatch2.33

transmissionbttransmissionMatch2.40

transmissionbttransmissionMatch2.41

transmissionbttransmissionMatch2.42

transmissionbttransmissionMatch2.50

transmissionbttransmissionMatch2.51

transmissionbttransmissionMatch2.52

transmissionbttransmissionMatch2.60

transmissionbttransmissionMatch2.61

transmissionbttransmissionMatch2.70

transmissionbttransmissionMatch2.71

transmissionbttransmissionMatch2.72

transmissionbttransmissionMatch2.73

transmissionbttransmissionMatch2.74

transmissionbttransmissionMatch2.75

transmissionbttransmissionMatch2.76

transmissionbttransmissionMatch2.77

transmissionbttransmissionMatch2.80

transmissionbttransmissionMatch2.81

transmissionbttransmissionMatch2.82

References

inertiawar.com/submission.go

lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html

lists.opensuse.org/opensuse-updates/2014-08/msg00011.html

secunia.com/advisories/59897

secunia.com/advisories/60108

secunia.com/advisories/60527

www.debian.org/security/2014/dsa-2988

www.openwall.com/lists/oss-security/2014/07/10/4

www.openwall.com/lists/oss-security/2014/07/11/5

www.osvdb.org/108997

www.securityfocus.com/bid/68487

www.ubuntu.com/usn/USN-2279-1

bugs.gentoo.org/show_bug.cgi?id=516822

bugzilla.redhat.com/show_bug.cgi?id=1118290

trac.transmissionbt.com/wiki/Changes#version-2.84

twitter.com/benhawkes/statuses/484378151959539712

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.04 Low

EPSS

Percentile

92.1%

JSON

Related for NVD:CVE-2014-4909

nessus6 openvas7 debiancve1 mageia1 debian1 fedora2 cve1 amazon1 ubuntucve1 securityvulns2 ubuntu1 cvelist1 prion1