var-200909-0134
Vulnerability from variot
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. WRT54GL is prone to a remote security vulnerability. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Linksys WRT54GL Unspecified Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA36571
VERIFY ADVISORY: http://secunia.com/advisories/36571/
DESCRIPTION: A vulnerability has been reported in Linksys WRT54GL, which can be exploited by malicious people to compromise a vulnerable device.
The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow. No further information is currently available.
SOLUTION: Due to the very limited available information, it is not possible to suggest an effective workaround.
PROVIDED AND/OR DISCOVERED BY: Reportedly a module for VulnDisco Pack.
ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0134",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54gl",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "wrt54gl",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "wrt54gl",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "0"
},
{
"model": "wrt54gl",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:linksys:wrt54gl",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
}
],
"trust": 0.6
},
"cve": "CVE-2009-3341",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3341",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-40787",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3341",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-3341",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200909-453",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-40787",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. \nAn attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. WRT54GL is prone to a remote security vulnerability. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nLinksys WRT54GL Unspecified Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA36571\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36571/\n\nDESCRIPTION:\nA vulnerability has been reported in Linksys WRT54GL, which can be\nexploited by malicious people to compromise a vulnerable device. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to cause a buffer overflow. No further information is\ncurrently available. \n\nSOLUTION:\nDue to the very limited available information, it is not possible to\nsuggest an effective workaround. \n\nPROVIDED AND/OR DISCOVERED BY:\nReportedly a module for VulnDisco Pack. \n\nORIGINAL ADVISORY:\nhttp://intevydis.com/vd-list.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
},
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "PACKETSTORM",
"id": "80968"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3341",
"trust": 3.1
},
{
"db": "SECTRACK",
"id": "1022827",
"trust": 2.3
},
{
"db": "SECUNIA",
"id": "36571",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453",
"trust": 0.7
},
{
"db": "BID",
"id": "87522",
"trust": 0.4
},
{
"db": "BID",
"id": "82342",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-40787",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80968",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "PACKETSTORM",
"id": "80968"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"id": "VAR-200909-0134",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40787"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:13:05.998000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys",
"trust": 0.8,
"url": "http://home.cisco.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://intevydis.com/vd-list.shtml"
},
{
"trust": 2.3,
"url": "http://www.securitytracker.com/id?1022827"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36571"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3341"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36571/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "PACKETSTORM",
"id": "80968"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40787"
},
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"db": "PACKETSTORM",
"id": "80968"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-40787"
},
{
"date": "2009-09-24T00:00:00",
"db": "BID",
"id": "82342"
},
{
"date": "2009-09-24T00:00:00",
"db": "BID",
"id": "87522"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"date": "2009-09-03T05:18:59",
"db": "PACKETSTORM",
"id": "80968"
},
{
"date": "2009-09-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"date": "2009-09-24T16:30:01.733000",
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-40787"
},
{
"date": "2009-09-24T00:00:00",
"db": "BID",
"id": "82342"
},
{
"date": "2009-09-24T00:00:00",
"db": "BID",
"id": "87522"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-004975"
},
{
"date": "2009-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-453"
},
{
"date": "2024-11-21T01:07:07.903000",
"db": "NVD",
"id": "CVE-2009-3341"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54GL Wireless router buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-004975"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "82342"
},
{
"db": "BID",
"id": "87522"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…