mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
245 lines
8.2 KiB
JSON
245 lines
8.2 KiB
JSON
{
|
|
"id": "CVE-2009-0751",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2009-03-02T22:30:00.250",
|
|
"lastModified": "2017-09-29T01:34:00.060",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad en el servidor web Yaws en sus versiones anteriores a v1.30 que permite a atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento de la memoria y ca\u00edda del servicio) a trav\u00e9s de peticiones con un gran n\u00famero de cabeceras."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-399"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.79",
|
|
"matchCriteriaId": "C46DD252-6005-4E5A-9D11-F3FBF6410453"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "992B1D73-29BD-454E-B1A7-62B812D186C3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.51:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "684FE8BF-66B0-4135-958F-E5198DF7CA6D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.52:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4AE18953-7DF2-4E14-9368-F51AE9B300B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.53:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "399F854C-C07E-42A8-B7E6-EED32DD4061E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.54:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DEC2C7DD-C87D-4FB5-B3E9-E6BE55D1CDAE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.55:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AAE09563-F7F2-4EE2-B97C-AF75F1884C39"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.56:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BB429B9B-D2E9-4AAA-9EB6-CA9DBC82D64C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.57:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FBA1F732-E68A-4922-8B5B-D023E96EE21A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.58:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1839141-82D5-4E88-8F28-EB26E97F1A0E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.61:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62B3E003-B9F6-4793-BA89-1F3E13B91B7A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.62:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A1828466-3EAA-4B40-946A-B6400177155B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.63:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C2DF037-3854-48AE-BBF7-087ADE80ED2E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.64:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4F394C56-A5C1-4616-B0B0-0EEC3AA0C864"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.65:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "42D1FC96-87A6-4C42-BDED-79DD462DD47A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.66:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AC1335E6-D02B-403C-9878-FED0095874AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.67:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B5E253A0-BDC9-480B-8C2B-FE9C33F12F84"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.68:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09CFB1DE-D860-438C-A9E7-A7372154925F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.70:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE02B9FE-300B-4191-B623-0883BD69DE22"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.71:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C55AF6B3-800C-4E80-8D2D-EF164C108004"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.72:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "206F051E-15E7-4CFD-A17A-47BBA4DB7D75"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.73:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "704FF671-C530-4000-9C15-B6CDB73EBE0D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.74:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DF5EBB06-F40A-4349-A6D8-6E43E64473CB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.75:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "150881D1-84FC-4522-978D-FDE49297FE14"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.76:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E60B04D6-6CA3-4D79-AFD3-B6426158A93F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.77:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D3ABEC8B-A76C-497C-9743-D9F5EE485657"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:yaws:yaws:1.78:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D82781B6-6A56-4CBB-B620-D2FB3AB60558"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://secunia.com/advisories/33979",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/34239",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2009/dsa-1740",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2009/02/19/1",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/33834",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2009/0590",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://yaws.hyber.org/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/8148",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |