CVE-2009-0158

Опубликовано: 13 мая 2009

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server.

Ссылки

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=136482797910018&w=2
http://secunia.com/advisories/35074
http://support.apple.com/kb/HT3549
Patch
Vendor Advisory
http://www.securityfocus.com/bid/34926
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
US Government Resource
http://www.vupen.com/english/advisories/2009/1297
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=136482797910018&w=2
http://secunia.com/advisories/35074
http://support.apple.com/kb/HT3549
Patch
Vendor Advisory
http://www.securityfocus.com/bid/34926
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
US Government Resource
http://www.vupen.com/english/advisories/2009/1297

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02637

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-26r9-77j6-q953

github

почти 4 года назад