CVSS: 7.5EPSS: 15%CPEs: 15EXPL: 3CVE-2009-0949 – CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-0949
09 Jun 2009 — The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. La función ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versión 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegació... • https://www.exploit-db.com/exploits/33020 • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 3%CPEs: 13EXPL: 1CVE-2009-1955 – Apache mod_dav / svn - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-1955
06 Jun 2009 — The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564. El parseador XML en el interfaz apr_xml_* en xml/apr_xml.c en Apache APR-util anteriores a v1.3.7 tal y como es... • https://www.exploit-db.com/exploits/8842 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 2CVE-2009-1956 – apr-util single NULL byte buffer overflow
https://notcve.org/view.php?id=CVE-2009-1956
06 Jun 2009 — Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input. Error de superación de límite (off-by-one) en la función apr_brigade_vprintf de Apache APR-util anterior a v1.3.5 en plataformas big-endian, permite a atacantes remotos obtener información sensible o provocar una denegación de servicio (caída de la aplicación) a través de una en... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-189: Numeric Errors •
CVSS: 4.7EPSS: 0%CPEs: 15EXPL: 5CVE-2009-1961 – Linux Kernel 2.6.x - 'splice' Double Lock Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-1961
06 Jun 2009 — The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. El código de doble bloqueo del inodo de fs/ocfs2/file.c del kernel de Linux v2.... • https://www.exploit-db.com/exploits/33015 • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 48%CPEs: 8EXPL: 3CVE-2009-1386 – OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-1386
04 Jun 2009 — ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. ssl/s3_pkt.c en OpenSSL anteriores a v0.9.8i permite a los atacantes remotos, causar una denegación de servicios (puntero NULO desreferenciado y caída del "daemon"), a través de un paquete ChangeCipherSpec DTLs que ocurre antes de ClientHello. • https://packetstorm.news/files/id/180494 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 12%CPEs: 8EXPL: 0CVE-2009-1387 – openssl: DTLS out-of-sequence message handling NULL deref DoS
https://notcve.org/view.php?id=CVE-2009-1387
04 Jun 2009 — The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug." La función dtls1_retrieve_buffered_fragment en ssl/d1_both.c en OpenSSL anteriores a v1.0.0 Beta 2 permite a los atacantes causar una denegación de servicios (puntero NULO desreferenciado y caída de "daemon") a través de un mensaje "handshake" D... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2009-1633 – kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server
https://notcve.org/view.php?id=CVE-2009-1633
28 May 2009 — Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. Múltiples desbordamientos de búfer en el subsistema cifs en el kernel de Linux anterior a v2.6.29.4 p... • http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=7b0c8fcff47a885743125dd843db64af41af5a61 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 4%CPEs: 5EXPL: 2CVE-2009-1378 – OpenSSL: DTLS fragment handling memory DoS
https://notcve.org/view.php?id=CVE-2009-1378
19 May 2009 — Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." Múltiples fugas de memoria en la función dtls1_process_out_of_seq_message en ssl/d1_both.c en OpenSSL v0.9.8k y anteriores permite a atacantes remotos... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.asc • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 3CVE-2009-1630 – kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission
https://notcve.org/view.php?id=CVE-2009-1630
14 May 2009 — The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. La función nfs_permission en fs/nfs/dir.c en la implementación cliente NFS en Linux kernel v2.6.29.3 y versiones anteriores, cuando atomic_open está activo, no comprueba la ejecución (... • http://article.gmane.org/gmane.linux.nfs/26592 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 5%CPEs: 5EXPL: 0CVE-2009-1191 – httpd mod_proxy_ajp information disclosure
https://notcve.org/view.php?id=CVE-2009-1191
23 Apr 2009 — mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request. mod_proxy_ajp.c en el módulo mod_proxy_ajp en el servidor HTTP Apache v2.2.11 permite a atacantes remotos obtener datos de respuesta sensibles, lo que esta previsto para un cliente que envío una petición POST temprana sin cuerpo de petición, a través de una petición HTTP. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html •