Lucene search

[email protected]NVD:CVE-2009-0544

HistoryFeb 12, 2009 - 5:30 p.m.

CVE-2009-0544

2009-02-1217:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.321

Percentile

97.0%

JSON

Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.

Affected configurations

Nvd

Node

pycryptoarc2Match2.0.1

VendorProductVersionCPE
pycryptoarc22.0.1cpe:2.3:a:pycrypto:arc2:2.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pycrypto	arc2	2.0.1	cpe:2.3:a:pycrypto:arc2:2.0.1:::::::*

References

gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=fd73731dfad451a81056fbb01e09aa78ab82eb5d

lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

secunia.com/advisories/34199

secunia.com/advisories/35065

www.gentoo.org/security/en/glsa/glsa-200903-11.xml

www.mandriva.com/security/advisories?name=MDVSA-2009:049

www.mandriva.com/security/advisories?name=MDVSA-2009:050

www.openwall.com/lists/oss-security/2009/02/07/1

www.openwall.com/lists/oss-security/2009/02/12/5

www.securityfocus.com/bid/33674

exchange.xforce.ibmcloud.com/vulnerabilities/48617

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.321

Percentile

97.0%

JSON

Related for NVD:CVE-2009-0544

securityvulns2 nessus8 prion1 seebug1 cvelist1 cve1 openvas21 ubuntu1 exploitdb1 gentoo1 ubuntucve1 debian1 debiancve1