Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0650

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-0650
Last Modified 23 Feb 2009 12:00:00
Published 20 Feb 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0650

Summary

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Tptest 3.1.7

  • Tptest 5.0.2


References

XF - tptest-pwd-bo(48781)

BID - 33785

MILW0RM - 8058

SECUNIA - 33972


Last Updated: 27 May 2016 10:50:20