CVE-2009-1759 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 96%

Vendor	Product	Version
rahul	dtorrent	3.2.0
rahul	dtorrent	3.3.0
rahul	dtorrent	3.3.1
rahul	dtorrent	3.3.2
rahul	ctorrent	1.3.4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ctorrent

bookworm	1.3.4.dnh3.3.2-5 fixed
bullseye	1.3.4.dnh3.3.2-5 fixed
sid	1.3.4.dnh3.3.2-6 fixed
trixie	1.3.4.dnh3.3.2-6 fixed

Ubuntu Releases

Ubuntu Product

Codename

ctorrent

maverick	not-affected
lucid	not-affected
karmic	not-affected
jaunty	ignored
intrepid	ignored
hardy	Fixed 1.3.4-dnh3.2-1+lenny1build0.8.04.1 released
dapper	dne

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://dtorrent.svn.sourceforge.net/viewvc/dtorrent/dtorrent/trunk/btfiles.cpp?r1=296&r2=301&view=patch

http://secunia.com/advisories/34752

http://secunia.com/advisories/35499

http://secunia.com/advisories/36471

http://sourceforge.net/tracker/?func=detail&aid=2782875&group_id=202532&atid=981959

http://www.debian.org/security/2009/dsa-1817

http://www.openwall.com/lists/oss-security/2009/05/20/3

http://www.securityfocus.com/bid/34584

http://www.vupen.com/english/advisories/2009/1092

https://bugzilla.redhat.com/show_bug.cgi?id=501813

https://exchange.xforce.ibmcloud.com/vulnerabilities/49959

https://www.exploit-db.com/exploits/8470

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01010.html

https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01102.html