CVE-2014-0469

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-0469
Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.openwall.com/lists/oss-security/2014/04/28/3
http://www.securityfocus.com/bid/67090
http://packages.qa.debian.org/x/xbuffy/news/20140427T181904Z.html
http://www.debian.org/security/2014/dsa-2921
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-3:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-2:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-19:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-18:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-11:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-10:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-3:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-2:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-7:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-6:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-24:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-25:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-22:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.2.1-4:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-15:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-7:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-23:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:*:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-8:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-17:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-6:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-4:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-21:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-14:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.2.1-3:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-9:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3.dfsg-5:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-16:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-20:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.2-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-13:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-12:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.2.1-2:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.2.1-1:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.bl.3-5:*:*:*:*:*:*:*
cpe:2.3:a:debian:xbuffy:3.3.b1.3-4:*:*:*:*:*:*:*
Information

Published : 2014-05-05 09:07

Updated : 2014-05-30 21:30

NVD link : CVE-2014-0469

Mitre link : CVE-2014-0469

JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa
Products Affected

debian

  • xbuffy