Vulnerability Name: CVE-2009-1391 (CCN-51062)

Assigned:2009-06-11
Published:2009-06-11
Updated:2018-10-03
Summary:Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
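The summary states only that inflate() in Zlib.xs has an off-by-one that ends in a heap-based buffer overflow when fed a crafted stream. The C below is an added illustration of how a one-byte sizing mistake in an output-buffer growth loop produces exactly that; it is not the Zlib.xs code, not the 2.017 fix, and not code from any of the vendors listed on this page. It models a Perl-style string buffer that must keep one byte free for the trailing NUL, shows an available-space computation that forgets that byte beside the corrected one, and drives both through a grow-and-inflate loop over constructed sample data. The decompressor is stood in for by a plain copy of already-decoded bytes, and every write is bounds-checked so the overflow is reported rather than triggered. All names, the 16-byte increment and the 40-byte payload are assumptions made for the demo.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of a Perl-style string buffer (not the Zlib.xs
 * data structures): 'len' bytes allocated, 'cur' bytes of decompressed
 * payload stored, and one byte after the payload reserved for the
 * trailing NUL that Perl keeps on every string. */
typedef struct {
    unsigned char *buf;
    size_t len;
    size_t cur;
} outbuf_t;

/* How many bytes the decompressor may write starting at buf+cur.
 * The buggy variant counts the NUL slot as writable: one byte too many. */
static size_t avail_out_buggy(const outbuf_t *o) { return o->len - o->cur; }
static size_t avail_out_fixed(const outbuf_t *o) { return o->len - o->cur - 1; }

/* One simulated inflate call: copy up to 'avail_out' bytes of already
 * decoded data, then NUL-terminate as an XS wrapper would. Every write is
 * bounds-checked so the demo reports the overflow instead of corrupting
 * the heap; returns 1 and the offending index when a write would land at
 * or past buf+len. */
static int inflate_step(outbuf_t *o, const unsigned char *src, size_t n,
                        size_t avail_out, size_t *overflow_index)
{
    size_t take = n < avail_out ? n : avail_out;
    for (size_t i = 0; i < take; i++) {
        if (o->cur + i >= o->len) { *overflow_index = o->cur + i; return 1; }
        o->buf[o->cur + i] = src[i];
    }
    o->cur += take;
    if (o->cur >= o->len) { *overflow_index = o->cur; return 1; }
    o->buf[o->cur] = '\0';
    return 0;
}

/* Drive the grow-and-inflate loop over a constructed 40-byte payload with
 * a 16-byte buffer increment. Returns 1 if the chosen avail_out formula
 * let a write reach the end of the allocation. */
static int run_demo(int buggy, size_t *final_len, size_t *overflow_index)
{
    static const unsigned char sample[] =
        "0123456789abcdefghijklmnopqrstuvwxyzABCD";   /* constructed sample */
    const size_t n = sizeof(sample) - 1, bufinc = 16;
    outbuf_t o = { malloc(bufinc), bufinc, 0 };
    size_t pos = 0;
    int overflow = 0;

    *overflow_index = 0;
    if (o.buf == NULL) abort();
    while (pos < n) {
        size_t avail = buggy ? avail_out_buggy(&o) : avail_out_fixed(&o);
        if (avail == 0) {                      /* out of room: grow by bufinc */
            unsigned char *p = realloc(o.buf, o.len + bufinc);
            if (p == NULL) abort();
            o.buf = p;
            o.len += bufinc;
            continue;
        }
        size_t before = o.cur;
        overflow = inflate_step(&o, sample + pos, n - pos, avail, overflow_index);
        if (overflow) break;
        pos += o.cur - before;
    }
    *final_len = o.cur;
    free(o.buf);
    return overflow;
}

/* Wrappers so each result is a plain return value. */
int demo_overflows(int buggy) { size_t l, i; return run_demo(buggy, &l, &i); }
size_t demo_overflow_index(int buggy) { size_t l, i; run_demo(buggy, &l, &i); return i; }
size_t demo_final_len(int buggy) { size_t l, i; run_demo(buggy, &l, &i); return l; }

int main(void)
{
    size_t len, idx;
    int ov = run_demo(1, &len, &idx);
    printf("buggy: overflow=%d at index %zu (allocation is 16 bytes)\n", ov, idx);
    ov = run_demo(0, &len, &idx);
    printf("fixed: overflow=%d, %zu bytes decompressed\n", ov, len);
    return 0;
}
```

Build with `cc -std=c99 -Wall demo.c`. With the buggy formula the very first chunk fills all 16 bytes and the terminator lands at index 16, one past the allocation; in a real XS wrapper that index is handed to zlib as writable space, so the overflowing byte is chosen by the compressed stream, which is what makes a crafted input sufficient. The fixed formula stops at 15 bytes, grows, and finishes with all 40 bytes in bounds. The only remediation for the page's vulnerability itself is Compress::Raw::Zlib 2.017 or later (or a vendor package carrying the fix); mail scanners such as AMaViS and SpamAssassin decompress attacker-supplied content, so no authentication stands between the stream and the module.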
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-189 (Numeric Errors)
Vulnerability Consequences:Gain Access
References:Source: MISC
Type: UNKNOWN
http://article.gmane.org/gmane.mail.virus.amavis.user/33635

Source: MISC
Type: Exploit
http://article.gmane.org/gmane.mail.virus.amavis.user/33638

Source: MITRE
Type: CNA
CVE-2009-1391

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:012

Source: OSVDB
Type: UNKNOWN
55041

Source: CCN
Type: Paul Marquess Compress-Raw-Zlib Web site
Compress::Raw::Zlib

Source: CCN
Type: SA35422
Perl Compress::Raw::Zlib Module Off-by-One Vulnerability

Source: SECUNIA
Type: Vendor Advisory
35422

Source: SECUNIA
Type: UNKNOWN
35685

Source: SECUNIA
Type: UNKNOWN
35689

Source: SECUNIA
Type: UNKNOWN
35876

Source: CCN
Type: SA36386
Perl Compress::Raw::Bzip2 Module Off-by-One Vulnerability

Source: CCN
Type: SA37534
ActivePerl Compress Modules Off-by-One Vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200908-07

Source: MISC
Type: UNKNOWN
http://thread.gmane.org/gmane.mail.virus.amavis.user/33635

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:157

Source: CCN
Type: OSVDB ID: 55041
Perl Compress::Raw::Zlib Module Zlib.xs inflate() Function Overflow

Source: CCN
Type: OSVDB ID: 57174
Perl Compress::Raw::Bzip2 Module Bzip2.xs bzinflate() Function Off-by-One Overflow

Source: BID
Type: Exploit, Patch
35307

Source: CCN
Type: BID-35307
'Compress::Raw::Zlib' Perl Module Remote Code Execution Vulnerability

Source: CCN
Type: USN-794-1
Perl vulnerability

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-1571

Source: CONFIRM
Type: UNKNOWN
https://bugs.gentoo.org/show_bug.cgi?id=273141

Source: CCN
Type: Red Hat Bugzilla Bug 504386
CVE-2009-1391 Buffer overflow in Compress::Raw::Zlib

Source: CONFIRM
Type: Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=504386

Source: XF
Type: UNKNOWN
perl-compressrawzlib-inflate-bo(51062)

Source: UBUNTU
Type: UNKNOWN
USN-794-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-7680

Source: SUSE
Type: SUSE-SR:2009:012
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.001:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.002:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.003:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.004:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.005:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.006:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.008:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.009:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.010:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.011:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.012:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:2.014:*:*:*:*:*:*:*
  • OR cpe:/a:paul_marquess:compress-raw-zlib_perl_module:*:*:*:*:*:*:*:* (Version <= 2.015)

  • * Denotes that component is vulnerable
    Oval Definitions (Class: V = vulnerability definition, P = patch definition)
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20091391 | V | CVE-2009-1391 | 2022-05-20
    oval:org.opensuse.security:def:29460 | P | Security update for glib-networking (Important) | 2021-12-13
    oval:org.opensuse.security:def:32232 | P | Security update for webkit2gtk3 (Important) | 2021-12-01
    oval:org.opensuse.security:def:29424 | P | Security update for ghostscript (Critical) | 2021-09-21
    oval:org.opensuse.security:def:32098 | P | Security update for dovecot22 (Important) | 2021-01-04
    oval:org.opensuse.security:def:32835 | P | Security update for MozillaFirefox (Critical) | 2020-12-21
    oval:org.opensuse.security:def:32013 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2020-12-07
    oval:org.opensuse.security:def:32012 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important) | 2020-12-07
    oval:org.opensuse.security:def:32681 | P | gvim on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28349 | P | Security update for php53 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32024 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:32769 | P | perl-HTML-Parser on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28585 | P | Security update for libvirt | 2020-12-01
    oval:org.opensuse.security:def:28003 | P | security update for xen (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28687 | P | Security update for flash-player (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32382 | P | Security update for tiff (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28078 | P | Security update for gcc43 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:33512 | P | Security update for Perl | 2020-12-01
    oval:org.opensuse.security:def:28742 | P | Security update for libgadu | 2020-12-01
    oval:org.opensuse.security:def:32625 | P | NetworkManager-gnome on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28292 | P | Security update for nasm (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32730 | P | librsvg on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28433 | P | Security update for wireshark (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28002 | P | Security update for SDL_image (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32791 | P | syslog-ng on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28638 | P | Security update for bind (Important) | 2020-12-01
    oval:org.opensuse.security:def:32325 | P | Security update for samba (Important) | 2020-12-01
    oval:org.opensuse.security:def:28014 | P | Security update for audiofile (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:33473 | P | Security update for libapr-util1 | 2020-12-01
    oval:org.opensuse.security:def:28726 | P | Security update for krb5 | 2020-12-01
    oval:org.opensuse.security:def:32469 | P | Security update for xorg-x11-server (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28208 | P | Security update for libmspack (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:28786 | P | Security update for mozilla-nss (Moderate) | 2020-12-01
    oval:org.mitre.oval:def:13328 | P | USN-794-1 -- libcompress-raw-zlib-perl, perl vulnerability | 2014-06-30