Search criteria
5 vulnerabilities found for Winny by Isamu Kaneko
JVNDB-2010-000030
Vulnerability from jvndb - Published: 2010-08-20 17:18 - Updated:2010-08-20 17:18Summary
Winny vulnerable to buffer overflow
Details
Winny contains a buffer overflow vulnerability.
Winny is a P2P file sharing software. Winny contains a buffer overflow vulnerability.
This vulnerability is different from JVN#21471805 and JVN#74294680.
Moti Joseph and Kobi Pariente reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000030.html",
"dc:date": "2010-08-20T17:18+09:00",
"dcterms:issued": "2010-08-20T17:18+09:00",
"dcterms:modified": "2010-08-20T17:18+09:00",
"description": "Winny contains a buffer overflow vulnerability.\r\n\r\nWinny is a P2P file sharing software. Winny contains a buffer overflow vulnerability.\r\nThis vulnerability is different from JVN#21471805 and JVN#74294680.\r\n\r\nMoti Joseph and Kobi Pariente reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000030.html",
"sec:cpe": {
"#text": "cpe:/a:winny:winny",
"@product": "Winny",
"@vendor": "Isamu Kaneko",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000030",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN91740962/index.html",
"@id": "JVN#91740962",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2360",
"@id": "CVE-2010-2360",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2360",
"@id": "CVE-2010-2360",
"@source": "NVD"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/61275",
"@id": "61275",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Winny vulnerable to buffer overflow"
}
JVNDB-2010-000029
Vulnerability from jvndb - Published: 2010-08-20 17:18 - Updated:2010-08-20 17:18Summary
Winny vulnerable to buffer overflow
Details
Winny contains a buffer overflow vulnerability.
Winny is a P2P file sharing software. Winny contains a buffer overflow vulnerability.
This vulnerability is different from JVN#91740962 and JVN#74294680.
Makoto Iwamura of NTT Information Sharing Platform Laboratories reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Moti Joseph and Kobi Pariente reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000029.html",
"dc:date": "2010-08-20T17:18+09:00",
"dcterms:issued": "2010-08-20T17:18+09:00",
"dcterms:modified": "2010-08-20T17:18+09:00",
"description": "Winny contains a buffer overflow vulnerability.\r\n\r\nWinny is a P2P file sharing software. Winny contains a buffer overflow vulnerability.\r\nThis vulnerability is different from JVN#91740962 and JVN#74294680.\r\n\r\nMakoto Iwamura of NTT Information Sharing Platform Laboratories reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nMoti Joseph and Kobi Pariente reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000029.html",
"sec:cpe": {
"#text": "cpe:/a:winny:winny",
"@product": "Winny",
"@vendor": "Isamu Kaneko",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000029",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN21471805/index.html",
"@id": "JVN#21471805",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2360",
"@id": "CVE-2010-2360",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2360",
"@id": "CVE-2010-2360",
"@source": "NVD"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/61276",
"@id": "61276",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Winny vulnerable to buffer overflow"
}
JVNDB-2010-000027
Vulnerability from jvndb - Published: 2010-08-20 17:17 - Updated:2010-08-20 17:17Summary
Winny BBS information processing vulnerability
Details
Winny contains a vulnerability in the processing of BBS information.
Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of BBS information, which can be used to launch Distributed Denial of Service (DDoS) attacks.
Yuji Ukai of eEye Digital Security reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000027.html",
"dc:date": "2010-08-20T17:17+09:00",
"dcterms:issued": "2010-08-20T17:17+09:00",
"dcterms:modified": "2010-08-20T17:17+09:00",
"description": "Winny contains a vulnerability in the processing of BBS information.\r\n\r\nWinny is a P2P file sharing software. Winny contains a vulnerability in the processing of BBS information, which can be used to launch Distributed Denial of Service (DDoS) attacks.\r\n\r\nYuji Ukai of eEye Digital Security reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000027.html",
"sec:cpe": {
"#text": "cpe:/a:winny:winny",
"@product": "Winny",
"@vendor": "Isamu Kaneko",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000027",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN54336184/index.html",
"@id": "JVN#54336184",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2361",
"@id": "CVE-2010-2361",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2361",
"@id": "CVE-2010-2361",
"@source": "NVD"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/61278",
"@id": "61278",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Winny BBS information processing vulnerability"
}
JVNDB-2010-000028
Vulnerability from jvndb - Published: 2010-08-20 17:17 - Updated:2010-08-20 17:17Summary
Winny node information processing vulnerability
Details
Winny contains a vulnerability in the processing of node information.
Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of node information, which can be used to launch Distributed Denial of Service (DDoS) attacks.
Fuyumasa Takatsu of University of Tsukuba reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000028.html",
"dc:date": "2010-08-20T17:17+09:00",
"dcterms:issued": "2010-08-20T17:17+09:00",
"dcterms:modified": "2010-08-20T17:17+09:00",
"description": "Winny contains a vulnerability in the processing of node information.\r\n\r\nWinny is a P2P file sharing software. Winny contains a vulnerability in the processing of node information, which can be used to launch Distributed Denial of Service (DDoS) attacks.\r\n\r\nFuyumasa Takatsu of University of Tsukuba reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000028.html",
"sec:cpe": {
"#text": "cpe:/a:winny:winny",
"@product": "Winny",
"@vendor": "Isamu Kaneko",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000028",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN25393522/index.html",
"@id": "JVN#25393522",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2362",
"@id": "CVE-2010-2362",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2362",
"@id": "CVE-2010-2362",
"@source": "NVD"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/61277",
"@id": "61277",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Winny node information processing vulnerability"
}
JVNDB-2006-000614
Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00Summary
Winny buffer overflow vulnerability
Details
Winny, P2P file-sharing (exchange) software, contains a buffer overflow vulnerability.
As of May 25, 2006, exploit information is publicly available. Currently we are not aware of any attacks. It is recommended that users avoid using Winny.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000614.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Winny, P2P file-sharing (exchange) software, contains a buffer overflow vulnerability.\r\n\r\nAs of May 25, 2006, exploit information is publicly available. Currently we are not aware of any attacks. It is recommended that users avoid using Winny.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000614.html",
"sec:cpe": {
"#text": "cpe:/a:winny:winny",
"@product": "Winny",
"@vendor": "Isamu Kaneko",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000614",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN74294680/index.html",
"@id": "JVN#74294680",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2007",
"@id": "CVE-2006-2007",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2007",
"@id": "CVE-2006-2007",
"@source": "NVD"
},
{
"#text": "http://www.kb.cert.org/vuls/id/167033",
"@id": "VU#167033",
"@source": "CERT-VN"
},
{
"#text": "http://secunia.com/advisories/19795",
"@id": "SA1979",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/17666",
"@id": "17666",
"@source": "BID"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/1486",
"@id": "FrSIRT/ADV-2006-1486",
"@source": "FRSIRT"
},
{
"#text": "http://www.osvdb.org/24883",
"@id": "24883",
"@source": "OSVDB"
}
],
"title": "Winny buffer overflow vulnerability"
}