Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2009-1250
HistoryApr 09, 2009 - 12:30 a.m.

CVE-2009-1250

2009-04-0900:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.043

Percentile

92.3%

JSON

The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.

OSVersionArchitecturePackageVersionFilename
Debian12allopenafs<Β 1.4.10+dfsg1-1openafs_1.4.10+dfsg1-1_all.deb
Debian11allopenafs<Β 1.4.10+dfsg1-1openafs_1.4.10+dfsg1-1_all.deb
Debian999allopenafs<Β 1.4.10+dfsg1-1openafs_1.4.10+dfsg1-1_all.deb

Related

cvelist 1
nvd 1
ubuntucve 1
seebug 1
cve 1
prion 1
openvas 9
securityvulns 4
nessus 5
debian 3
osv 1
gentoo 2
cvelist
cvelist
CVE-2009-1250
2009-04-09 00:00:00
nvd
nvd
CVE-2009-1250
2009-04-09 00:30:00
ubuntucve
ubuntucve
CVE-2009-1250
2009-04-09 00:00:00
seebug
seebug
OpenAFSε‡Ίι”™δ»£η θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-04-10 00:00:00
cve
cve
CVE-2009-1250
2009-04-09 00:30:00
prion
prion
Null pointer dereference
2009-04-09 00:30:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:099-1 (openafs)
2009-12-14 00:00:00
Mandrake Security Advisory MDVSA-2009:099 (openafs)
2009-05-05 00:00:00
Gentoo Security Advisory GLSA 201101-05 (OpenAFS)
2011-03-09 00:00:00
securityvulns
securityvulns
[ GLSA 201101-05 ] OpenAFS: Arbitrary code execution
2011-01-19 00:00:00
OpenAFS security vulnerabilities
2011-01-19 00:00:00
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
2009-04-12 00:00:00
nessus
nessus
GLSA-201101-05 : OpenAFS: Arbitrary code execution
2011-01-17 00:00:00
Mandriva Linux Security Advisory : openafs (MDVSA-2009:099-1)
2009-04-28 00:00:00
Scientific Linux Security Update : openafs on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
debian
debian
[Backports-security-announce] Security Update for openafs
2009-04-10 21:48:30
[Backports-security-announce] Security Update for openafs
2009-04-10 21:38:35
[SECURITY] [DSA 1768-1] New openafs packages potential code execution
2009-04-10 14:51:13
osv
osv
openafs - potential code execution
2009-04-10 00:00:00
gentoo
gentoo
OpenAFS: Arbitrary code execution
2011-01-16 00:00:00
OpenAFS: Multiple vulnerabilities
2014-04-07 00:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.043

Percentile

92.3%

JSON
Related for DEBIANCVE:CVE-2009-1250
cvelist1nvd1ubuntucve1seebug1cve1prion1openvas9securityvulns4nessus5debian3osv1gentoo2