CVE-2009-3749
Websense Email Security - Denial of Service
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Web Administrator service (STEMWADM.EXE) in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service (crash) by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a response.
El Web Administrator service (STEMWADM.EXE) en Websense Personal Email Manager v7.1 anterior Hotfix v4 y Email Security v7.1 anterior Hotfix v4 permite a atacantes remotos causar una denegación de servicio (caída) enviando una petición HTTP GET en el puerto TCP 8181 y cerrando el socket antes de que el servicio pueda enviar la respuesta.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-10-20 First Exploit
- 2009-10-22 CVE Reserved
- 2009-10-22 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/507329/100/0/threaded | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/9980 | 2009-10-20 | |
| http://sotiriu.de/adv/NSOADV-2009-002.txt | 2024-08-07 | |
| http://www.securityfocus.com/bid/36740 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://kb.websense.com/article.aspx?article=4786&p=12 | 2018-10-10 | |
| http://kb.websense.com/display/4/kb/article.aspx?aid=4786 | 2018-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/37091 | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2009/2987 | 2018-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Websense Search vendor "Websense" | Email Security Search vendor "Websense" for product "Email Security" | 7.1 Search vendor "Websense" for product "Email Security" and version "7.1" | - |
Affected
| ||||||
| Websense Search vendor "Websense" | Personal Email Manager Search vendor "Websense" for product "Personal Email Manager" | 7.1 Search vendor "Websense" for product "Personal Email Manager" and version "7.1" | - |
Affected
| ||||||