5
CVE-2009-3448
- EPSS 1.72%
- Veröffentlicht 29.09.2009 15:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.72% | 0.745 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/58329
http://secunia.com/advisories/36847
http://www.insight-tech.org/index.php?p=bakbone-netvault-backup-8-22-build-29-remote-dos
http://www.securityfocus.com/bid/36489
http://www.securitytracker.com/id?1022941
https://exchange.xforce.ibmcloud.com/vulnerabilities/53434