VAR-200912-0370
Vulnerability from variot - Updated: 2023-12-18 13:40Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information. An attacker may exploit this issue to execute arbitrary code with the privileges of the affected application. Successful exploits may compromise affected devices. Failed exploit attempts will result in a denial-of-service condition. Technical details are currently unavailable. We will update this BID as more information emerges. F5 BIG-IP is a powerful application switch. Remote attackers can use unknown vectors to cause a denial of service. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
The vulnerability is caused due to an unspecified error in the "bd" daemon and can be exploited to crash an affected system.
The vulnerability is reported in the following products and versions: * BIG-IP ASM versions 9.4.4 through 9.4.7 * BIG-IP ASM versions 10.0.0 through 10.0.1 * BIG-IP PSM versions 9.4.5 through 9.4.7 * BIG-IP PSM versions 10.0.0 through 10.0.1
SOLUTION: Update to version 9.4.8 or 10.1.0, or apply patches.
BIG-IP version 9.4.6: Apply Hotfix-BIGIP-9.4.6-425.0-HF3.
BIG-IP version 9.4.7: Apply Hotfix-BIGIP-9.4.7-333.0-HF2.
BIG-IP version 10.0.0: Apply Hotfix-BIGIP-10.0.0-5519.0-HF3.
BIG-IP version 10.0.1: Apply Hotfix-BIGIP-10.0.1-354.0-HF2.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: F5 Networks (CR126690): https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.7"
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.6"
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.7"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.6"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.5"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.9,
"vendor": "f5",
"version": "9.4.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 1.3,
"vendor": "f5",
"version": "10.0.1"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip application security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip protocol security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 0.6,
"vendor": "f5",
"version": "10.0.0"
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip protocol security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip protocol security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
},
{
"model": "big-ip application security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip application security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
}
],
"sources": [
{
"db": "BID",
"id": "37452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor.",
"sources": [
{
"db": "BID",
"id": "37452"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
],
"trust": 0.9
},
"cve": "CVE-2009-4420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-4420",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-41866",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-4420",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-353",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-41866",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information. \nAn attacker may exploit this issue to execute arbitrary code with the privileges of the affected application. Successful exploits may compromise affected devices. Failed exploit attempts will result in a denial-of-service condition. \nTechnical details are currently unavailable. We will update this BID as more information emerges. F5 BIG-IP is a powerful application switch. Remote attackers can use unknown vectors to cause a denial of service. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nThe vulnerability is caused due to an unspecified error in the \"bd\"\ndaemon and can be exploited to crash an affected system. \n\nThe vulnerability is reported in the following products and\nversions:\n* BIG-IP ASM versions 9.4.4 through 9.4.7\n* BIG-IP ASM versions 10.0.0 through 10.0.1\n* BIG-IP PSM versions 9.4.5 through 9.4.7\n* BIG-IP PSM versions 10.0.0 through 10.0.1\n\nSOLUTION:\nUpdate to version 9.4.8 or 10.1.0, or apply patches. \n\nBIG-IP version 9.4.6:\nApply Hotfix-BIGIP-9.4.6-425.0-HF3. \n\nBIG-IP version 9.4.7:\nApply Hotfix-BIGIP-9.4.7-333.0-HF2. \n\nBIG-IP version 10.0.0:\nApply Hotfix-BIGIP-10.0.0-5519.0-HF3. \n\nBIG-IP version 10.0.1:\nApply Hotfix-BIGIP-10.0.1-354.0-HF2. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nF5 Networks (CR126690):\nhttps://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "BID",
"id": "37452"
},
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "PACKETSTORM",
"id": "84223"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "37452",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "37805",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "61297",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2009-4420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023386",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-3627",
"trust": 1.7
},
{
"db": "XF",
"id": "55005",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-41866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84223",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "BID",
"id": "37452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "PACKETSTORM",
"id": "84223"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"id": "VAR-200912-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41866"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:18.743000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.f5networks.co.jp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.securityfocus.com/bid/37452"
},
{
"trust": 2.5,
"url": "http://osvdb.org/61297"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023386"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/37805"
},
{
"trust": 2.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3627"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4420"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/55005"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4420"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/product-modules/application-security-manager.html"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/feature-modules/protocol-security-module.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37805/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "BID",
"id": "37452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "PACKETSTORM",
"id": "84223"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41866"
},
{
"db": "BID",
"id": "37452"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"db": "PACKETSTORM",
"id": "84223"
},
{
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-41866"
},
{
"date": "2009-12-23T00:00:00",
"db": "BID",
"id": "37452"
},
{
"date": "2011-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"date": "2009-12-29T10:23:30",
"db": "PACKETSTORM",
"id": "84223"
},
{
"date": "2009-12-24T17:30:00.280000",
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"date": "2009-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-41866"
},
{
"date": "2009-12-28T18:02:00",
"db": "BID",
"id": "37452"
},
{
"date": "2011-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002656"
},
{
"date": "2019-06-06T15:11:35.077000",
"db": "NVD",
"id": "CVE-2009-4420"
},
{
"date": "2019-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F5 BIG-IP ASM and PSM Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "37452"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-353"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…