2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2009-4810" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2010-04-23T14:30:01.103" ,
"lastModified" : "2010-04-26T16:17:46.140" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input."
} ,
{
"lang" : "es" ,
"value" : "La implementaci\u00f3n de Secure Remote Password (SRP) en Samhain v2.5.4 no comprueba un cierto valor cero como lo exige el protocolo, lo cual permite a atacantes remotos evitar la autenticaci\u00f3n mediante una entrada debidamente modificada."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 7.5
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-20"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "2.5.3" ,
"matchCriteriaId" : "B3318E9A-DF07-45E6-B9D8-04D15FE9F24A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88922C8A-7F2D-4CB8-B68E-826946EBBBC2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32EBCA9F-B783-48EE-ABA1-8693982F569E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.10:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "81030934-F0F6-439A-980E-9674422CBD1F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.10:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "E09A72AE-D856-4C1B-8789-D4F24EDB1921"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "42EB5B2D-297B-46F6-90B1-393592A3CDB5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "82FD3347-086F-4053-842F-B429D9CA0D6A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.12:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "F24F3FB6-30D0-46FC-81CB-339CA2BBCCE9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:1.8.12:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "5AF9932E-1B18-4D8E-8836-80267077941F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "96DE0F6C-BB26-47C8-9A69-4E1001DDFFBE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F6601FD-E9BE-41C9-84B0-E087661A7F2D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0DDEBA1E-BC35-47CA-861A-E61D39E8ADCE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.2:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "6D2ED90D-D955-4870-837E-103CA42D3884"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "40949DF1-2FDF-4F4A-9DA6-0FECBD7A4E1F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88D5655C-9419-4C03-98FE-FE59E918B669"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B55E7105-1CAE-4303-AE82-DF150CFF5E6E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.5:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "98C85E21-7575-4256-BD81-FF0277C0576F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.5:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "B6C7EFB2-64E4-4562-9509-4EBFCE5222C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FC6E862D-9DF7-4584-A570-5AC222F298A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9FC8E51A-B9ED-46AF-9B6B-0D231077998D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "7421B206-C1C5-456B-9EE1-539DBC55A304"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "7BAE9857-D704-41C7-9AA7-37DEA428C169"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:c:*:*:*:*:*:*" ,
"matchCriteriaId" : "B311466B-FA36-4813-B789-F3B172A03180"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:d:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A89F0C2-AF64-44F9-B0E1-ABA36092C904"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.7:e:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E940277-5F5E-456B-9F57-505572179F97"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "75E1397D-51BD-4534-AD04-049CBB57AE06"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E8EC6A7-E641-49C7-9457-7D1CF2917832"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62553213-5BB1-439E-AA71-49B9196FDBE0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.0.10:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "8D786E6A-D839-4DA6-84FD-AE6C29E8E5BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "02EE2EE9-7526-484D-BBB5-7425067DCF5C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "952D4F5A-7B42-42D5-9BB1-75426C3846C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.1.1:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "9CFE08FC-1E88-453F-A5D5-BAF878874E61"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0EDD4BA4-0BAD-4028-81AB-E76CCC44649B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B52BE6C-EBB4-41D5-AEB8-0997FFF702A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "57A2F925-C73F-4595-B49A-919150A6036C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F1C5EFA7-9112-48B1-ABE5-336E4029BE80"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.1:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "1904BB19-EDDA-497A-9811-1F97A9E8279C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.1:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "CFC2B303-EADE-4338-8716-6D0F03DD376C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.1:c:*:*:*:*:*:*" ,
"matchCriteriaId" : "FC05B1B2-B862-4C7E-9072-055D1F90280C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC7B4E60-4176-4912-97FA-586CDB2FFFC4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "39A988A5-27DE-4565-8E05-C2088D801D7D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A9C507B7-C452-4E83-9B6F-9271CF716F52"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9C4A635A-6024-487D-95E7-DC6702494C08"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.2.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "545EA47C-B46A-48D5-BE5F-6BD286C8ADB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1FA9C9A2-9146-495B-84F2-20DB8278C0BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.0:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "57A3A736-6FC8-40C9-8A49-61AE0817EA39"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3805E672-6AED-4BEA-B4E1-540D93E219E1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.1:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "FD5A3D54-3B42-4A34-960D-F9B7EC9B27FB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A987AEED-AE52-4860-985D-3CC6E6B914C2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C252372C-FD22-46BE-B2AF-FC1C915CD985"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE177E23-B945-4DEC-90F2-4B77325DD468"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9148D4B9-4E16-480B-AC52-ACA0B81EDECD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "031EF7A6-B66B-445A-A491-71F32F1FA60A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16FFAC90-3DBC-459E-87D5-72A0E0284A77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.3.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "00D3E7F6-6437-409E-8065-94E1650B690B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3012B039-119F-49FB-B7E4-EFA9E35BB7A6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.0:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "04F8AB07-893C-4636-AC0E-443963FD7E06"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7F1F468D-4DE5-4582-B308-922FB8F79A98"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.1:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "6CA9A8F4-D56B-4886-A1CB-D76C25ADCA62"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "89F6F58C-BE8F-42E4-B026-75C22AA2C431"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FBE2241E-8D23-465C-A19A-9B200F0F37CD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B9154928-7C9B-4D57-AEB6-20C100CA8612"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B23666D7-E926-4D0E-974D-681E3B68775C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.5:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "5C1A2C9C-CF8A-490C-9A11-826ABAA23EF6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8A8FB6B6-2EB9-4290-B6B0-6128930456E1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.4.6:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "54732668-D695-469A-80F6-A9EDFD6705EF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "740B72E9-6CAB-4C1E-8B12-3E2FDF0BDFF7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "65E276B9-5807-4519-8B02-B58FC0A4F2B3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A081CF87-BF63-4622-90A5-73101E4DF3A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.5.2:a:*:*:*:*:*:*" ,
"matchCriteriaId" : "1626A67B-469A-4AFF-9505-9085E9E4F4E9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.5.2:b:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D7B5EAE-A921-4A5A-8C90-E7C3361AEECB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:samhain_labs:samhain:2.6.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0DF4B4DA-1A5B-4538-BAA9-0CD74C7B516B"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/34104" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://trac.la-samhna.de/samhain/changeset/225" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Exploit" ,
"Patch"
]
} ,
{
"url" : "http://trac.la-samhna.de/samhain/ticket/150" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/34003" ,
"source" : "cve@mitre.org"
}
]
}
