LiveActive security incident?Get immediate response
CVE archive

September 2009

Browse CVE records published in September 2009, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 484 matching CVEs · Page 3 of 10.

Unknown · CVSS Not scored

CVE-2009-3340: Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknow...

Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Published Sep 24, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-3179: Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attacke...

Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit, (2) "Symantec Altiris Deployment Solution 6.9 exploit (II)," and (3) "Symantec Altiris Deployment Solution 6.9 exploit (III)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Published Sep 11, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-3097: Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on Windows allow attackers to obtain sen...

Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on Windows allow attackers to obtain sensitive information via unknown vectors, as demonstrated by certain modules in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Published Sep 8, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-3177: Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown impact and attack vectors, as demonst...

Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, (1) "Kaspersky Online Antivirus Scanner 7.0 exploit (Linux)" and (2) "Kaspersky Online Antivirus Scanner 7.0 exploit (Windows)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Published Sep 11, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-3089: IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer de...

IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon on Windows and (2) the ibmdiradm daemon in the administration server on Linux, as demonstrated by certain modules in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2006-0717. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Published Sep 8, 2009 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2009-4895: Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allo...

Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9.

Published Sep 8, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2009-3448: npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (d...

npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.

Published Sep 29, 2009 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2009-3457: Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obt...

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

Published Sep 29, 2009 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2009-3492: Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attacke...

Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix/Module/; and (5) modules/downloads/lib/LM_Downloads.php.

Published Sep 30, 2009 · Updated Aug 7, 2024