CVE-2009-1633: CVE-2009-1633

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-1633

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux Kernel CIFS字符串转换多个缓冲区溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux Kernel的cifs处理代码通常将ucs2_le字符串(windows所使用的双字节编码方案)转换为本地NLS字符集。字符串转换例程仅接受由所要转换的宽字符数所指定的单个长度参数，因此假设目标缓冲区已足够大，但实际上特制的CIFS字符串仍可触发缓冲区溢出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-1633

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-1633

Please Login to view more intelligence information

http://www.vmware.com/security/advisories/VMSA-2009-0016.htmlx_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commit%3Bh=968460ebd8006d55661dec0fb86712b40d71c413x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27b87fe52baba0a55e9723030e76fce94fabcea4x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.4x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2009-0111x_refsource_CONFIRM
http://secunia.com/advisories/35847third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35217third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36051third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35226third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35298third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/34612vdb-entryx_refsource_BID
http://secunia.com/advisories/35656third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37351third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36327third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/37471third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1865vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2009/dsa-1844vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/usn-793-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2009/3316vdb-entryx_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDVSA-2009:148vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2009-1157.htmlvendor-advisoryx_refsource_REDHAT
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.htmlvendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01271.htmlvendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9525vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8588vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/505254/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://marc.info/?l=oss-security&m=124099284225229&w=2mailing-listx_refsource_MLIST
http://marc.info/?l=oss-security&m=124099371726547&w=2mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/05/14/1mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/05/14/4mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/05/15/2mailing-listx_refsource_MLIST
http://www.securityfocus.com/archive/1/507985/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2009-1633

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-1633

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2009-1633

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-1633

III. Intelligence Information for CVE-2009-1633

IV. Related Vulnerabilities

V. Comments for CVE-2009-1633

Leave a comment