Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-2409
HistoryAug 18, 2005 - 4:00 a.m.

CVE-2004-2409

2005-08-1804:00:00
mitre
web.nvd.nist.gov
30
cve-2004-2409
buffer overflow
samhain
arbitrary code execution
security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

34.7%

JSON

Buffer overflow in the sh_hash_compdata function for Samhain 1.8.9 through 2.0.1, when running in update mode (“-t update”), might allow attackers to execute arbitrary code.

Affected configurations

Nvd
Node
samhain_labssamhainMatch1.8.9
OR
samhain_labssamhainMatch1.8.10
OR
samhain_labssamhainMatch1.8.10a
OR
samhain_labssamhainMatch1.8.10b
OR
samhain_labssamhainMatch1.8.11
OR
samhain_labssamhainMatch1.8.12
OR
samhain_labssamhainMatch1.8.12a
OR
samhain_labssamhainMatch1.8.12b
OR
samhain_labssamhainMatch2.0.0
OR
samhain_labssamhainMatch2.0.1
VendorProductVersionCPE
samhain_labssamhain1.8.9cpe:2.3:a:samhain_labs:samhain:1.8.9:*:*:*:*:*:*:*
samhain_labssamhain1.8.10cpe:2.3:a:samhain_labs:samhain:1.8.10:*:*:*:*:*:*:*
samhain_labssamhain1.8.10acpe:2.3:a:samhain_labs:samhain:1.8.10a:*:*:*:*:*:*:*
samhain_labssamhain1.8.10bcpe:2.3:a:samhain_labs:samhain:1.8.10b:*:*:*:*:*:*:*
samhain_labssamhain1.8.11cpe:2.3:a:samhain_labs:samhain:1.8.11:*:*:*:*:*:*:*
samhain_labssamhain1.8.12cpe:2.3:a:samhain_labs:samhain:1.8.12:*:*:*:*:*:*:*
samhain_labssamhain1.8.12acpe:2.3:a:samhain_labs:samhain:1.8.12a:*:*:*:*:*:*:*
samhain_labssamhain1.8.12bcpe:2.3:a:samhain_labs:samhain:1.8.12b:*:*:*:*:*:*:*
samhain_labssamhain2.0.0cpe:2.3:a:samhain_labs:samhain:2.0.0:*:*:*:*:*:*:*
samhain_labssamhain2.0.1cpe:2.3:a:samhain_labs:samhain:2.0.1:*:*:*:*:*:*:*

Related

cvelist 1
debiancve 1
nvd 1
cvelist
cvelist
CVE-2004-2409
2005-08-18 04:00:00
debiancve
debiancve
CVE-2004-2409
2005-08-18 04:00:00
nvd
nvd
CVE-2004-2409
2004-12-31 05:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

34.7%

JSON
Related for CVE-2004-2409
cvelist1debiancve1nvd1