CVE-2009-1391
CVE-2009-1391
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/33032no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://article.gmane.org/gmane.mail.virus.amavis.user/33635http://article.gmane.org/gmane.mail.virus.amavis.user/33638http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlhttp://osvdb.org/55041https://bugs.gentoo.org/show_bug.cgi?id=273141https://bugzilla.redhat.com/show_bug.cgi?id=504386http://secunia.com/advisories/35422http://secunia.com/advisories/35685http://secunia.com/advisories/35689http://secunia.com/advisories/35876http://security.gentoo.org/glsa/glsa-200908-07.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/51062