cvelistv5 - cve-2009-4420

CVE-2009-4420 (GCVE-0-2009-4420)

Vulnerability from cvelistv5 – Published: 2009-12-24 17:00 – Updated: 2024-08-07 07:01

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securitytracker.com/id?1023386	vdb-entryx_refsource_SECTRACK
	https://support.f5.com/kb/en-us/solutions/public/…	x_refsource_CONFIRM
	http://osvdb.org/61297	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2009/3627	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/37805	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/37452	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.167Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1023386",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023386"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
          },
          {
            "name": "61297",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/61297"
          },
          {
            "name": "bigip-asm-psm-bd-dos(55005)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
          },
          {
            "name": "ADV-2009-3627",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3627"
          },
          {
            "name": "37805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37805"
          },
          {
            "name": "37452",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37452"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1023386",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023386"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
        },
        {
          "name": "61297",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/61297"
        },
        {
          "name": "bigip-asm-psm-bd-dos(55005)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
        },
        {
          "name": "ADV-2009-3627",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3627"
        },
        {
          "name": "37805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37805"
        },
        {
          "name": "37452",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37452"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4420",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1023386",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023386"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
            },
            {
              "name": "61297",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/61297"
            },
            {
              "name": "bigip-asm-psm-bd-dos(55005)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
            },
            {
              "name": "ADV-2009-3627",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3627"
            },
            {
              "name": "37805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37805"
            },
            {
              "name": "37452",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37452"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4420",
    "datePublished": "2009-12-24T17:00:00",
    "dateReserved": "2009-12-24T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2691943C-1FD1-43EE-B070-E35710E426ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEABC433-37BD-4A53-A872-92564807F022\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"409B66AC-292F-426D-A908-D6D865A25CA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44D22108-C65D-4BB4-8141-B05F053863BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B42FE789-9F15-4450-B1B8-7D2A044A26A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B598A78-EF2C-461F-844E-84B0971A2F5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AE2CC21-3B8B-443B-A427-482B8A9D80DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50191BEE-7001-43DC-8AEE-01E233594752\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"178C7BDD-639E-4472-BEDE-9187CD50DA4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B38707-9BD0-4E41-93A4-CCDDF1E8BC73\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegaci\\u00f3n de servicio (ca\\u00edda) a trav\\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de informaci\\u00f3n de terceros.\"}]",
      "id": "CVE-2009-4420",
      "lastModified": "2024-11-21T01:09:36.150",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-12-24T17:30:00.280",
      "references": "[{\"url\": \"http://osvdb.org/61297\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/37805\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/37452\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1023386\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3627\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55005\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/61297\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/37805\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/37452\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1023386\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3627\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/55005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-4420\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-12-24T17:30:00.280\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2691943C-1FD1-43EE-B070-E35710E426ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEABC433-37BD-4A53-A872-92564807F022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"409B66AC-292F-426D-A908-D6D865A25CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D22108-C65D-4BB4-8141-B05F053863BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B42FE789-9F15-4450-B1B8-7D2A044A26A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B598A78-EF2C-461F-844E-84B0971A2F5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AE2CC21-3B8B-443B-A427-482B8A9D80DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50191BEE-7001-43DC-8AEE-01E233594752\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"178C7BDD-639E-4472-BEDE-9187CD50DA4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B38707-9BD0-4E41-93A4-CCDDF1E8BC73\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/61297\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37805\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/37452\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1023386\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3627\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55005\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/61297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37805\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/37452\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1023386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3627\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2009-4420

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-4420

Aliases

CVE-2009-4420

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-4420",
    "description": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.",
    "id": "GSD-2009-4420"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-4420"
      ],
      "details": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.",
      "id": "GSD-2009-4420",
      "modified": "2023-12-13T01:19:45.959611Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-4420",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1023386",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023386"
          },
          {
            "name": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
          },
          {
            "name": "61297",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/61297"
          },
          {
            "name": "bigip-asm-psm-bd-dos(55005)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
          },
          {
            "name": "ADV-2009-3627",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/3627"
          },
          {
            "name": "37805",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/37805"
          },
          {
            "name": "37452",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/37452"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4420"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
            },
            {
              "name": "37805",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/37805"
            },
            {
              "name": "37452",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/37452"
            },
            {
              "name": "ADV-2009-3627",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3627"
            },
            {
              "name": "1023386",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023386"
            },
            {
              "name": "61297",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/61297"
            },
            {
              "name": "bigip-asm-psm-bd-dos(55005)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-06-06T15:11Z",
      "publishedDate": "2009-12-24T17:30Z"
    }
  }
}

VAR-200912-0370

Vulnerability from variot - Updated: 2023-12-18 13:40

Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information. An attacker may exploit this issue to execute arbitrary code with the privileges of the affected application. Successful exploits may compromise affected devices. Failed exploit attempts will result in a denial-of-service condition. Technical details are currently unavailable. We will update this BID as more information emerges. F5 BIG-IP is a powerful application switch. Remote attackers can use unknown vectors to cause a denial of service. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

The vulnerability is caused due to an unspecified error in the "bd" daemon and can be exploited to crash an affected system.

The vulnerability is reported in the following products and versions: * BIG-IP ASM versions 9.4.4 through 9.4.7 * BIG-IP ASM versions 10.0.0 through 10.0.1 * BIG-IP PSM versions 9.4.5 through 9.4.7 * BIG-IP PSM versions 10.0.0 through 10.0.1

SOLUTION: Update to version 9.4.8 or 10.1.0, or apply patches.

BIG-IP version 9.4.6: Apply Hotfix-BIGIP-9.4.6-425.0-HF3.

BIG-IP version 9.4.7: Apply Hotfix-BIGIP-9.4.7-333.0-HF2.

BIG-IP version 10.0.0: Apply Hotfix-BIGIP-10.0.0-5519.0-HF3.

BIG-IP version 10.0.1: Apply Hotfix-BIGIP-10.0.1-354.0-HF2.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: F5 Networks (CR126690): https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0370",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.7"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.6"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.5"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "10.0.1"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.7"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.6"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.5"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "f5",
        "version": "9.4.4"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f5",
        "version": "10.0.0"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f5",
        "version": "10.0.1"
      },
      {
        "model": "big-ip protocol security module",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f5",
        "version": "10.0.0"
      },
      {
        "model": "big-ip application security manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "f5",
        "version": null
      },
      {
        "model": "big-ip protocol security manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "f5",
        "version": null
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f5",
        "version": "10.0.0"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.0"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.0"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "model": "big-ip protocol security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "9.4.8"
      },
      {
        "model": "big-ip application security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "model": "big-ip application security manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "9.4.8"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor.",
    "sources": [
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2009-4420",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2009-4420",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-41866",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-4420",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200912-353",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-41866",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information. \nAn attacker may exploit this issue to execute arbitrary code with the privileges of the affected application. Successful exploits may compromise affected devices. Failed exploit attempts will result in a denial-of-service condition. \nTechnical details are currently unavailable. We will update this BID as more information emerges. F5 BIG-IP is a powerful application switch. Remote attackers can use unknown vectors to cause a denial of service. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nThe vulnerability is caused due to an unspecified error in the \"bd\"\ndaemon and can be exploited to crash an affected system. \n\nThe vulnerability is reported in the following products and\nversions:\n* BIG-IP ASM versions 9.4.4 through 9.4.7\n* BIG-IP ASM versions 10.0.0 through 10.0.1\n* BIG-IP PSM versions 9.4.5 through 9.4.7\n* BIG-IP PSM versions 10.0.0 through 10.0.1\n\nSOLUTION:\nUpdate to version 9.4.8 or 10.1.0, or apply patches. \n\nBIG-IP version 9.4.6:\nApply Hotfix-BIGIP-9.4.6-425.0-HF3. \n\nBIG-IP version 9.4.7:\nApply Hotfix-BIGIP-9.4.7-333.0-HF2. \n\nBIG-IP version 10.0.0:\nApply Hotfix-BIGIP-10.0.0-5519.0-HF3. \n\nBIG-IP version 10.0.1:\nApply Hotfix-BIGIP-10.0.1-354.0-HF2. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nF5 Networks (CR126690):\nhttps://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "PACKETSTORM",
        "id": "84223"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "37452",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "37805",
        "trust": 2.6
      },
      {
        "db": "OSVDB",
        "id": "61297",
        "trust": 2.5
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1023386",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-3627",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "55005",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-41866",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "84223",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "PACKETSTORM",
        "id": "84223"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "id": "VAR-200912-0370",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:40:18.743000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.f5networks.co.jp"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://www.securityfocus.com/bid/37452"
      },
      {
        "trust": 2.5,
        "url": "http://osvdb.org/61297"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1023386"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/37805"
      },
      {
        "trust": 2.1,
        "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2009/3627"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4420"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/55005"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4420"
      },
      {
        "trust": 0.3,
        "url": "http://www.f5.com/products/big-ip/product-modules/application-security-manager.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.f5.com/products/big-ip/feature-modules/protocol-security-module.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/37805/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "PACKETSTORM",
        "id": "84223"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "db": "PACKETSTORM",
        "id": "84223"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-12-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "date": "2009-12-23T00:00:00",
        "db": "BID",
        "id": "37452"
      },
      {
        "date": "2011-06-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "date": "2009-12-29T10:23:30",
        "db": "PACKETSTORM",
        "id": "84223"
      },
      {
        "date": "2009-12-24T17:30:00.280000",
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "date": "2009-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-41866"
      },
      {
        "date": "2009-12-28T18:02:00",
        "db": "BID",
        "id": "37452"
      },
      {
        "date": "2011-06-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002656"
      },
      {
        "date": "2019-06-06T15:11:35.077000",
        "db": "NVD",
        "id": "CVE-2009-4420"
      },
      {
        "date": "2019-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F5 BIG-IP ASM and PSM Remote Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "BID",
        "id": "37452"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200912-353"
      }
    ],
    "trust": 0.6
  }
}

GHSA-JGGW-46HJ-WCQ8

Vulnerability from github – Published: 2022-05-02 03:54 – Updated: 2022-05-02 03:54

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-4420"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-12-24T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.",
  "id": "GHSA-jggw-46hj-wcq8",
  "modified": "2022-05-02T03:54:30Z",
  "published": "2022-05-02T03:54:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4420"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/61297"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37805"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/37452"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023386"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/3627"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-4420

Vulnerability from fkie_nvd - Published: 2009-12-24 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/61297
cve@mitre.org	http://secunia.com/advisories/37805	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/37452
cve@mitre.org	http://www.securitytracker.com/id?1023386
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3627	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55005
cve@mitre.org	https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/61297
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37805	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37452
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023386
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3627	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55005
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html

Impacted products

Vendor	Product	Version
f5	big-ip_protocol_security_module	10.0.0
f5	big-ip_application_security_manager	9.4.4
f5	big-ip_application_security_manager	9.4.5
f5	big-ip_application_security_manager	9.4.6
f5	big-ip_application_security_manager	9.4.7
f5	big-ip_application_security_manager	10.0.0
f5	big-ip_application_security_manager	10.0.1
f5	big-ip_protocol_security_manager	9.4.5
f5	big-ip_protocol_security_manager	9.4.6
f5	big-ip_protocol_security_manager	9.4.7
f5	big-ip_protocol_security_manager	10.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABC433-37BD-4A53-A872-92564807F022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "409B66AC-292F-426D-A908-D6D865A25CA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D22108-C65D-4BB4-8141-B05F053863BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42FE789-9F15-4450-B1B8-7D2A044A26A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B598A78-EF2C-461F-844E-84B0971A2F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AE2CC21-3B8B-443B-A427-482B8A9D80DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "50191BEE-7001-43DC-8AEE-01E233594752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "178C7BDD-639E-4472-BEDE-9187CD50DA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B38707-9BD0-4E41-93A4-CCDDF1E8BC73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2009-4420",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-24T17:30:00.280",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/61297"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37452"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023386"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3627"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/61297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37452"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-4420 (GCVE-0-2009-4420)

GSD-2009-4420

VAR-200912-0370

GHSA-JGGW-46HJ-WCQ8

FKIE_CVE-2009-4420

Tags

Sightings

Nomenclature