Vulnerability Description
npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bakbone | Netvault | 8.22 |
Related Weaknesses (CWE)
References
- http://osvdb.org/58329
- http://secunia.com/advisories/36847Vendor Advisory
- http://www.insight-tech.org/index.php?p=bakbone-netvault-backup-8-22-build-29-reExploitURL Repurposed
- http://www.securityfocus.com/bid/36489
- http://www.securitytracker.com/id?1022941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53434
- http://osvdb.org/58329
- http://secunia.com/advisories/36847Vendor Advisory
- http://www.insight-tech.org/index.php?p=bakbone-netvault-backup-8-22-build-29-reExploitURL Repurposed
- http://www.securityfocus.com/bid/36489
- http://www.securitytracker.com/id?1022941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53434
FAQ
What is CVE-2009-3448?
CVE-2009-3448 is a vulnerability with a CVSS score of 5.0 (MEDIUM). npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecifi...
How severe is CVE-2009-3448?
CVE-2009-3448 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3448?
Check the references section above for vendor advisories and patch information. Affected products include: Bakbone Netvault.