CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-0650

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile23.03th
Published2009年2月20日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦
Tptest

Tptest

<= 3.1.7
📦
Tptest

Tptest

= 5.0.2

References & Advisories

🔗 http://secunia.com/advisories/33972
🔗 http://www.securityfocus.com/bid/33785
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/48781
🔗 https://www.exploit-db.com/exploits/8058
🔗 http://secunia.com/advisories/33972
🔗 http://www.securityfocus.com/bid/33785
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/48781
🔗 https://www.exploit-db.com/exploits/8058

相关漏洞威胁

CVE-2009-06595.0

Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via...

CVE-2009-049210.0

Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerabilit...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...