CVE-2009-1250Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-1250 | First vendor Publication | 2009-04-08 |
| Vendor | Cve | Last vendor Modification | 2011-01-26 |
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentification | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1250 |
CWE : Common Weakness Enumeration
| id | Name |
|---|---|
| CWE-189 | Numeric Errors |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 55273 | OpenAFS Client on Linux Cache Manager RX Response Handling Remote DoS |
Internal Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2013-05-10 23:48:17 |
|
(Critical)
