Описание
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 2.83 (включая)
Одно из
cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.3:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.4:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.5:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.94:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.95:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:0.96:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.2:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.05:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.06:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.34:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.52:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.53:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.54:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.60:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.61:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.73:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.74:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.75:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.76:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.77:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.82:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.83:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.90:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.91:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.92:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:1.93:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.00:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.01:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.02:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.03:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.04:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.10:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.11:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.12:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.13:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.20:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.21:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.22:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.30:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.31:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.32:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.33:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.40:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.41:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.42:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.50:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.51:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.52:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.60:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.61:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.70:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.71:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.72:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.73:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.74:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.75:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.76:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.77:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.80:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.81:*:*:*:*:*:*:*
cpe:2.3:a:transmissionbt:transmission:2.82:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.09187
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-189
Связанные уязвимости
ubuntu
больше 11 лет назад
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
debian
больше 11 лет назад
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bit ...
github
больше 3 лет назад
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
EPSS
Процентиль: 92%
0.09187
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-189