Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-2958

Опубликовано: 02 сент. 2009
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*
Версия до 2.49 (включая)
cpe:2.3:a:thekelleys:dnsmasq:0.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.95:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.96:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.98:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.992:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:0.996:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:1.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.0:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.1:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.2:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.3:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.4:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.5:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.6:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.7:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.8:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.9:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.10:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.11:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.12:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.13:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.14:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.15:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.16:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.17:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.18:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.19:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.20:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.21:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.22:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.23:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.24:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.26:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.27:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.28:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.29:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.30:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.31:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.33:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.34:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.35:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.36:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.37:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.38:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.39:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.40:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.41:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.42:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.43:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.44:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.45:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.46:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.47:*:*:*:*:*:*:*
cpe:2.3:a:thekelleys:dnsmasq:2.48:*:*:*:*:*:*:*

EPSS

Процентиль: 74%
0.00835
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

ubuntu логотип

CVE-2009-2958

ubuntu
почти 16 лет назад

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

redhat логотип

CVE-2009-2958

redhat
почти 16 лет назад

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

debian логотип

CVE-2009-2958

debian
почти 16 лет назад

The tftp_request function in tftp.c in dnsmasq before 2.50, when --ena ...

github логотип

GHSA-m4qp-3gf5-73rm

github
около 3 лет назад

The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.

fstec логотип

BDU:2015-00415

fstec
почти 16 лет назад

Уязвимость программного обеспечения Dnsmasq, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

EPSS

Процентиль: 74%
0.00835
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-399