Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2010/02/25 12:0 a.m.25 views

GLSA-201001-06 : aria2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201001-06 aria2: Multiple vulnerabilities Tatsuhiro Tsujikawa reported a buffer overflow in DHTRoutingTableDeserializer.cc CVE-2009-3575 and a format string vulnerability in the AbstractCommand::onAbort function in...

10CVSS6.2AI score0.05784EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/01/20 12:0 a.m.17 views

Gentoo Security Advisory GLSA 201001-06 (aria2)

The remote host is missing updates announced in advisory GLSA 201001-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS1.1AI score0.05784EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/01/20 12:0 a.m.16 views

Gentoo Security Advisory GLSA 201001-06 (aria2)

The remote host is missing updates announced in advisory GLSA 201001-06. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

10CVSS6.5AI score0.05784EPSS
Exploits0References2
seebug.org
seebug.org
added 2009/10/22 12:0 a.m.35 views

aria2 AbstractCommand::onAbort()函数格式串漏洞

CVE ID: CVE-2009-3617 aria2是Linux下的高速下载工具。 aria2的src/AbstractCommand.cc文件中的AbstractCommand::onAbort函数存在格式串漏洞。如果启用了日志功能,远程攻击者就可以在下载URI中包含printf格式串标识符触发分段错误,导致拒绝服务的情况。 aria2 1.6.2 厂商补丁: aria2 ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.6CVSS6.3AI score0.04892EPSS
Exploits1
NVD
NVD
added 2009/10/20 5:30 p.m.20 views

CVE-2009-3617

Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...

7.6CVSS7.7AI score0.04892EPSS
Exploits1References9
CVE
CVE
added 2009/10/20 5:0 p.m.56 views

CVE-2009-3617

CVE-2009-3617 is a format-string vulnerability in aria2’s AbstractCommand::onAbort (src/AbstractCommand.cc) present in aria2 before 1.6.2. When logging is enabled, an attacker could supply a download URI containing printf-style format specifiers to cause arbitrary code execution or a denial of se...

7.6CVSS7.6AI score0.04892EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2009/10/20 5:0 p.m.27 views

CVE-2009-3617

Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...

7.6AI score0.04892EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2009/10/20 5:0 p.m.22 views

CVE-2009-3617

Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...

7.6CVSS7.6AI score0.04892EPSS
Exploits1
Rows per page
Query Builder