5

CVE-2009-3448

Exploit
npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation.  NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BakboneNetvault Version8.22
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.72% 0.745
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/58329
http://secunia.com/advisories/36847
Vendor Advisory
http://www.insight-tech.org/index.php?p=bakbone-netvault-backup-8-22-build-29-remote-dos
Exploit
URL Repurposed
http://www.securityfocus.com/bid/36489
http://www.securitytracker.com/id?1022941
https://exchange.xforce.ibmcloud.com/vulnerabilities/53434