Search criteria
3 vulnerabilities found for multi_network_firewall by mandriva
FKIE_CVE-2009-0912
Vulnerability from fkie_nvd - Published: 2009-03-16 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mandriva | multi_network_firewall | 2.0 | |
| mandriva | linux | 2008.0 | |
| mandriva | linux | 2008.0 | |
| mandriva | linux | 2008.1 | |
| mandriva | linux | 2008.1 | |
| mandriva | linux | 2009.0 | |
| mandriva | linux | 2009.0 | |
| mandriva | linux_corporate_server | 3.0 | |
| mandriva | linux_corporate_server | 3.0 | |
| mandriva | linux_corporate_server | 4.0 | |
| mandriva | linux_corporate_server | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandriva:multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DCD4AE9-A466-4413-A0C8-5509CBC8DA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*",
"matchCriteriaId": "107F6BEE-C3CB-460A-B574-16D031D823AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.0:-:x86_64:*:*:*:*:*",
"matchCriteriaId": "29197BBD-0C26-41ED-A972-E730216CC742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E024B17-9AEE-40AD-9EDC-3BC0FBB53BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.1:-:x86_64:*:*:*:*:*",
"matchCriteriaId": "E6DCA59C-F054-4726-9A63-CF9419F7DC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F90D927-CBCD-4432-9C04-A5F040D8F337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*",
"matchCriteriaId": "BA4E53C3-30E4-4FA2-8431-AC592966F4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2E9E33-9EF8-4D35-AC4F-CC371682EB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux_corporate_server:3.0:-:x86_64:*:*:*:*:*",
"matchCriteriaId": "264BA60D-3B77-424B-907D-0B168C831787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6579A7-D98C-406F-B621-7E111EF875B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux_corporate_server:4.0:-:x86_64:*:*:*:*:*",
"matchCriteriaId": "7CE263F7-5E3E-4007-AEDE-E6BDE42B3081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via \"special characters\" in unspecified vectors."
},
{
"lang": "es",
"value": "perl-MDK-Common v1.1.11 y v1.1.24, v1.2.9 hasta v1.2.14, y posiblemente otras versiones, en Mandriva Linux no maneja correctamente las cadenas de caracteres cuando las a\u00f1ade a ficheros de configuraci\u00f3n, permitiendo a atacantes remotos obtener privilegios mediante \"caracteres especiales\" en vectores no especificados."
}
],
"id": "CVE-2009-0912",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-16T17:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-0912 (GCVE-0-2009-0912)
Vulnerability from cvelistv5 – Published: 2009-03-16 17:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via \"special characters\" in unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via \"special characters\" in unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0912",
"datePublished": "2009-03-16T17:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0912 (GCVE-0-2009-0912)
Vulnerability from nvd – Published: 2009-03-16 17:00 – Updated: 2024-08-07 04:57
VLAI?
Summary
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via \"special characters\" in unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via \"special characters\" in unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "perlmdkcommon-unspecified-priv-escalation(49220)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49220"
},
{
"name": "34089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34089"
},
{
"name": "MDVSA-2009:072",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:072"
},
{
"name": "ADV-2009-0688",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0688"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0912",
"datePublished": "2009-03-16T17:00:00",
"dateReserved": "2009-03-16T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}