Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2009-0537

CVE information

Published

14 years ago

Last Modified

3 months ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise..

CVSSv2.0 Score

Severity
Medium
Base Score
4.9/10
Exploit Score
3.9/10
Access Vector
Local
Access Complexity
Low
Authentication Required
None
Impact Score
6.9/10
Confidentiality Impact
None
Availability Impact
Complete
Integrity Impact
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:microsoft:interix:6.0:*:10.0.6030.0:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
  Yes
- -