Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by barnowl
CVE-2010-2725 (GCVE-0-2010-2725)
Vulnerability from nvd – Published: 2010-08-04 19:00 – Updated: 2024-09-16 18:44
VLAI
EPSS
VEX
Summary
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://github.com/barnowl/barnowl/blob/barnowl-1.… | x_refsource_CONFIRM |
| http://barnowl.mit.edu/wiki/release-notes/1.6.2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:47.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-04T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2725",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog",
"refsource": "CONFIRM",
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"name": "http://barnowl.mit.edu/wiki/release-notes/1.6.2",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2725",
"datePublished": "2010-08-04T19:00:00.000Z",
"dateReserved": "2010-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:44:18.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0793 (GCVE-0-2010-0793)
Vulnerability from nvd – Published: 2010-03-16 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/1218 | vdb-entryx_refsource_VUPEN |
| http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce | x_refsource_CONFIRM |
| http://www.debian.org/security/2010/dsa-2049 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/39908 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-03-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-1218",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-30T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-1218",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-1218",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"name": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0793",
"datePublished": "2010-03-16T19:00:00.000Z",
"dateReserved": "2010-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:39.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0363 (GCVE-0-2009-0363)
Vulnerability from nvd – Published: 2009-02-17 17:00 – Updated: 2024-08-07 04:31
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce | x_refsource_CONFIRM |
| https://bugs.launchpad.net/ubuntu/+source/owl/+bu… | x_refsource_CONFIRM |
| http://www.mail-archive.com/debian-testing-securi… | mailing-listx_refsource_MLIST |
| http://bugs.debian.org/515118 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://barnowl.mit.edu/browser/ChangeLog | x_refsource_CONFIRM |
Date Public
2009-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/debian-testing-security-announce%40lists.debian.org/msg00173.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/debian-testing-security-announce%40lists.debian.org/msg00173.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/debian-testing-security-announce@lists.debian.org/msg00173.html"
},
{
"name": "http://bugs.debian.org/515118",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"name": "http://barnowl.mit.edu/browser/ChangeLog",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0363",
"datePublished": "2009-02-17T17:00:00.000Z",
"dateReserved": "2009-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:31:25.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2725 (GCVE-0-2010-2725)
Vulnerability from cvelistv5 – Published: 2010-08-04 19:00 – Updated: 2024-09-16 18:44
VLAI
EPSS
VEX
Summary
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://github.com/barnowl/barnowl/blob/barnowl-1.… | x_refsource_CONFIRM |
| http://barnowl.mit.edu/wiki/release-notes/1.6.2 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:47.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-04T19:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2725",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog",
"refsource": "CONFIRM",
"url": "http://github.com/barnowl/barnowl/blob/barnowl-1.6.2/ChangeLog"
},
{
"name": "http://barnowl.mit.edu/wiki/release-notes/1.6.2",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/release-notes/1.6.2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2725",
"datePublished": "2010-08-04T19:00:00.000Z",
"dateReserved": "2010-07-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:44:18.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0793 (GCVE-0-2010-0793)
Vulnerability from cvelistv5 – Published: 2010-03-16 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2010/1218 | vdb-entryx_refsource_VUPEN |
| http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce | x_refsource_CONFIRM |
| http://www.debian.org/security/2010/dsa-2049 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/39908 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-03-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-1218",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-30T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-1218",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-1218",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1218"
},
{
"name": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/barnowl-1.5.1-announce"
},
{
"name": "DSA-2049",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2049"
},
{
"name": "39908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0793",
"datePublished": "2010-03-16T19:00:00.000Z",
"dateReserved": "2010-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:39.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0363 (GCVE-0-2009-0363)
Vulnerability from cvelistv5 – Published: 2009-02-17 17:00 – Updated: 2024-08-07 04:31
VLAI
EPSS
VEX
Summary
Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce | x_refsource_CONFIRM |
| https://bugs.launchpad.net/ubuntu/+source/owl/+bu… | x_refsource_CONFIRM |
| http://www.mail-archive.com/debian-testing-securi… | mailing-listx_refsource_MLIST |
| http://bugs.debian.org/515118 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://barnowl.mit.edu/browser/ChangeLog | x_refsource_CONFIRM |
Date Public
2009-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/debian-testing-security-announce%40lists.debian.org/msg00173.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/debian-testing-security-announce%40lists.debian.org/msg00173.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/wiki/barnowl-1.0.5-announce"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/owl/+bug/329165"
},
{
"name": "[debian-testing-security-announce] 20090213 Security update for Debian Testing - 2009-02-14",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/debian-testing-security-announce@lists.debian.org/msg00173.html"
},
{
"name": "http://bugs.debian.org/515118",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/515118"
},
{
"name": "barnowl-owl-zcrypt-bo(48824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48824"
},
{
"name": "http://barnowl.mit.edu/browser/ChangeLog",
"refsource": "CONFIRM",
"url": "http://barnowl.mit.edu/browser/ChangeLog"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0363",
"datePublished": "2009-02-17T17:00:00.000Z",
"dateReserved": "2009-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:31:25.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}