Vulnerability Name:

CVE-2009-4881 (CCN-59241)

Assigned:2009-10-30
Published:2009-10-30
Updated:2017-08-17
Summary:Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-4881

Source: GENTOO
Type: UNKNOWN
GLSA-201011-01

Source: CCN
Type: Bugzilla Bug 10600
stdio/strfmon.c multiple vulnerabilities

Source: CONFIRM
Type: UNKNOWN
http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600

Source: CONFIRM
Type: Patch
http://sourceware.org/git/?p=glibc.git;a=commit;h=153aa31b93be22e01b236375fb02a9f9b9a0195f

Source: DEBIAN
Type: UNKNOWN
DSA-2058

Source: DEBIAN
Type: DSA-2058
eglibc -- multiple vulnerabilities

Source: CCN
Type: GLSA-201011-01
GNU C library: Multiple vulnerabilities

Source: CCN
Type: GNU C Library Web page
GNC C Library - GNU Project - Free Software Foundation (FSF)

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2010:111

Source: CCN
Type: BID-36443
GNU glibc 'strfmon()' Function Integer Overflow Weakness

Source: CCN
Type: USN-944-1
GNU C Library vulnerabilities

Source: XF
Type: UNKNOWN
gnuclibrary-vstrfmonl-overflow(59241)

Source: XF
Type: UNKNOWN
gnuclibrary-vstrfmonl-overflow(59241)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:glibc:1.00:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.01:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.02:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.03:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.04:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.05:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.06:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.07:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.08:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.09:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:*:*:*:*:*:*:*:* (Version <= 2.9)

    • Configuration CCN 1:
  • cpe:/a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.09:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.08:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.07:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.06:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.05:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.04:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.03:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.02:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.01:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:1.00:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:13533
    P
    		DSA-2058-1 glibc, eglibc -- multiple
    2014-06-23
    oval:org.debian:def:2058
    V
    		multiple vulnerabilities
    2010-06-10
    BACK
    gnu glibc 1.00
    gnu glibc 1.01
    gnu glibc 1.02
    gnu glibc 1.03
    gnu glibc 1.04
    gnu glibc 1.05
    gnu glibc 1.06
    gnu glibc 1.07
    gnu glibc 1.08
    gnu glibc 1.09
    gnu glibc 2.0
    gnu glibc 2.0.1
    gnu glibc 2.0.2
    gnu glibc 2.0.3
    gnu glibc 2.0.4
    gnu glibc 2.0.5
    gnu glibc 2.0.6
    gnu glibc 2.1
    gnu glibc 2.1.1
    gnu glibc 2.1.1.6
    gnu glibc 2.1.2
    gnu glibc 2.1.3
    gnu glibc 2.1.3.10
    gnu glibc 2.1.9
    gnu glibc 2.2
    gnu glibc 2.2.1
    gnu glibc 2.2.2
    gnu glibc 2.2.3
    gnu glibc 2.2.4
    gnu glibc 2.2.5
    gnu glibc 2.3
    gnu glibc 2.3.1
    gnu glibc 2.3.2
    gnu glibc 2.3.3
    gnu glibc 2.3.4
    gnu glibc 2.3.5
    gnu glibc 2.3.6
    gnu glibc 2.3.10
    gnu glibc 2.4
    gnu glibc 2.5
    gnu glibc 2.5.1
    gnu glibc 2.6
    gnu glibc 2.6.1
    gnu glibc 2.7
    gnu glibc 2.8
    gnu glibc *
    gnu glibc 2.2.5
    gnu glibc 2.2.1
    gnu glibc 2.0
    gnu glibc 2.0.1
    gnu glibc 2.0.2
    gnu glibc 2.0.3
    gnu glibc 2.0.4
    gnu glibc 2.0.5
    gnu glibc 2.0.6
    gnu glibc 2.1
    gnu glibc 2.1.1
    gnu glibc 2.1.1.6
    gnu glibc 2.1.2
    gnu glibc 2.1.3
    gnu glibc 2.1.9
    gnu glibc 2.2
    gnu glibc 2.2.2
    gnu glibc 2.2.3
    gnu glibc 2.2.4
    gnu glibc 2.3
    gnu glibc 2.3.1
    gnu glibc 2.3.10
    gnu glibc 2.3.2
    gnu glibc 2.3.3
    gnu glibc 2.3.4
    gnu glibc 2.1.3.10
    gnu glibc 2.7
    gnu glibc 2.3.6
    gnu glibc 2.4
    gnu glibc 2.5
    gnu glibc 2.5.1
    gnu glibc 2.6
    gnu glibc 2.6.1
    gnu glibc 2.8
    gnu glibc 2.9
    gnu glibc 2.3.5
    gnu glibc 1.09
    gnu glibc 1.08
    gnu glibc 1.07
    gnu glibc 1.06
    gnu glibc 1.05
    gnu glibc 1.04
    gnu glibc 1.03
    gnu glibc 1.02
    gnu glibc 1.01
    gnu glibc 1.00
    gentoo linux *
    mandrakesoft mandrake multi network firewall 2.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.0
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    mandriva linux 2009.1
    mandriva linux 2009.1
    mandriva enterprise server 5
    mandriva enterprise server 5