CVE-2009-0544 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	10 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 96%

Affected Products (NVD)

Vendor	Product	Version
pycrypto	arc2	2.0.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

python-crypto

dapper	Fixed 2.0.1+dfsg1-1ubuntu1.1 released
gutsy	Fixed 2.0.1+dfsg1-2ubuntu1.1 released
hardy	Fixed 2.0.1+dfsg1-2.1ubuntu1.1 released
intrepid	Fixed 2.0.1+dfsg1-2.3ubuntu0.1 released

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=fd73731dfad451a81056fbb01e09aa78ab82eb5d

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://secunia.com/advisories/34199

http://secunia.com/advisories/35065

http://www.gentoo.org/security/en/glsa/glsa-200903-11.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:049

http://www.mandriva.com/security/advisories?name=MDVSA-2009:050

http://www.openwall.com/lists/oss-security/2009/02/07/1

http://www.openwall.com/lists/oss-security/2009/02/12/5

http://www.securityfocus.com/bid/33674

https://exchange.xforce.ibmcloud.com/vulnerabilities/48617

http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=fd73731dfad451a81056fbb01e09aa78ab82eb5d

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

http://secunia.com/advisories/34199

http://secunia.com/advisories/35065

http://www.gentoo.org/security/en/glsa/glsa-200903-11.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:049

http://www.mandriva.com/security/advisories?name=MDVSA-2009:050

http://www.openwall.com/lists/oss-security/2009/02/07/1

http://www.openwall.com/lists/oss-security/2009/02/12/5

http://www.securityfocus.com/bid/33674

https://exchange.xforce.ibmcloud.com/vulnerabilities/48617