vendor:
Unknown
by:
milw0rm.com
7,8
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Unknown
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2009-2698
CPE: Unknown
Metasploit:
https://www.rapid7.com/db/vulnerabilities/vmsa-2010-0010-cve-2009-2698/, https://www.rapid7.com/db/vulnerabilities/vmsa-2009-0016-5-updated-service-console-package-kernel-cve-2009-2698/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-2698/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1233/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2009-2698/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1457/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: x86/x64
2009
CVE-2009-2698 udp_sendmsg()
This exploit is a bit more nuanced and thoughtful. It is a buffer overflow vulnerability in the udp_sendmsg() function on x86/x64 architectures. It was discovered by Julien/Tavis and p0c73n1.
Mitigation:
The exploit can be mitigated by applying the patch provided by the vendor.