CVE-2011-2900 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 97%

Affected Products (NVD)

Vendor	Product	Version
shttpd	shttpd	1.42
valenok	mongoose	3.0
yassl	yasslews	0.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065273.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065505.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065537.html

http://secunia.com/advisories/45464

http://secunia.com/advisories/45902

http://securityreason.com/securityalert/8337

http://www.openwall.com/lists/oss-security/2011/08/03/5

http://www.openwall.com/lists/oss-security/2011/08/03/9

http://www.securityfocus.com/bid/48980

https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0

https://exchange.xforce.ibmcloud.com/vulnerabilities/68991

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065273.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065505.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065537.html

http://secunia.com/advisories/45464

http://secunia.com/advisories/45902

http://securityreason.com/securityalert/8337

http://www.openwall.com/lists/oss-security/2011/08/03/5

http://www.openwall.com/lists/oss-security/2011/08/03/9

http://www.securityfocus.com/bid/48980

https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0

https://exchange.xforce.ibmcloud.com/vulnerabilities/68991