Details of VAR-200904-0291

ID

VAR-200904-0291

CVE

CVE-2009-1185

TITLE

udev Elevation of privilege vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2009-001256

DESCRIPTION

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system. Versions prior to udev 141 are vulnerable. udev is a device manager of the Linux kernel series. Its main function is to manage device nodes in the /dev directory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2009-0009 Synopsis: ESX Service Console updates for udev, sudo, and curl Issue date: 2009-07-10 Updated on: 2009-07-10 (initial release of advisory) CVE numbers: CVE-2009-1185 CVE-2009-0034 CVE-2009-0037 - ----------------------------------------------------------------------- 1. Summary Update for Service Console packages udev,sudo, and curl 2. Relevant releases VMware ESX 4.0.0 without bulletin ESX400-200906411-SG, ESX400-200906406-SG, ESX400-200906407-SG. 3. Problem Description a. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1185 to this issue. Please see http://kb.vmware.com/kb/1011786 for details. The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200906411-SG ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. b. Service Console package sudo Service Console package for sudo has been updated to version sudo-1.6.9p17-3. This fixes the following issue: Sudo versions 1.6.9p17 through 1.6.9p19 do not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which might allow local users to leverage an applicable sudoers file and gain root privileges by using a sudo command. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0034 to this issue. Please see http://kb.vmware.com/kb/1011781 for more details The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200906411-SG ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. c. Service Console package curl Service Console package for curl has been updated to version curl-7.15.5-2.1. This fixes the following issue: The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files by using a redirect to a file: URL, or execute arbitrary commands by using a redirect to an scp: URL. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0037 to this issue. Please see http://kb.vmware.com/kb/1011782 for details The following table lists what action remediates the vulnerability (column 4) if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.0 ESX ESX400-200906407-SG ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected ESX 3.0.2 ESX not affected ESX 2.5.5 ESX not affected * hosted products are VMware Workstation, Player, ACE, Server, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. ESX 4.0 ------- ESX400-200906001 http://tinyurl.com/ncfu5s md5sum:cab549922f3429b236633c0e81351cde sha1sum:aff76554ec5ee3c915eb4eac02e62c131163059a Note: ESX400-200906001 contains the following security fixes ESX400-200906411-SG, ESX400-200906406-SG, ESX400-200906405-SG, ESX400-200906407-SG. To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-200906001.zip -b ESX400-200906411-SG \ -b ESX400-200906406-SG -b ESX400-200906405-SG -b \ ESX400-200906407-SG update 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 - ------------------------------------------------------------------------- 6. Change log 2009-07-10 VMSA-2009-0008 Initial security advisory after release of bulletins for ESX 4.0 on 2009-07-10. - ------------------------------------------------------------------------ 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQFKV9esS2KysvBH1xkRAn2bAJ91HvmEkAxVpRxehax8rGzBd+ufcwCeIhk8 zk/ROHHbZJmWN44MlbMIx/8= =fQaI -----END PGP SIGNATURE----- . Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments (CVE-2009-1186). The updated packages have been patched to prevent this. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 8268a6d9b8b782f008c6bad08081aa1f 2008.0/i586/libvolume_id0-114-7.1mdv2008.0.i586.rpm f25010279ad483a4bd1df3300be1eff5 2008.0/i586/libvolume_id0-devel-114-7.1mdv2008.0.i586.rpm 527afa06fad5b28de6ba60c12c5cc685 2008.0/i586/udev-114-7.1mdv2008.0.i586.rpm b472ccee86044dba507029b63385e306 2008.0/i586/udev-doc-114-7.1mdv2008.0.i586.rpm 33a3aeb9701b9a90b776b08595055f05 2008.0/i586/udev-tools-114-7.1mdv2008.0.i586.rpm b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 8e05d00d129d11f2442390ec7dd4174c 2008.0/x86_64/lib64volume_id0-114-7.1mdv2008.0.x86_64.rpm 2718c04a037f773bca23b010265071ce 2008.0/x86_64/lib64volume_id0-devel-114-7.1mdv2008.0.x86_64.rpm 6756f2bb0dad6dee8188e5dccc1f92cb 2008.0/x86_64/udev-114-7.1mdv2008.0.x86_64.rpm b65a69fde92e29d6affa25d32e881dff 2008.0/x86_64/udev-doc-114-7.1mdv2008.0.x86_64.rpm bf39012f0e457b61fd203711625d78dc 2008.0/x86_64/udev-tools-114-7.1mdv2008.0.x86_64.rpm b6057c15bb22b381d07ee45a6bc81974 2008.0/SRPMS/udev-114-7.1mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLF8RvmqjQ0CJFipgRAp5ZAJ0YBHRyssp4RsoVDk8awKDSM9mnhACgqeEn aP7lY4N3P6dafT+v4TzBfgE= =S27a -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-758-1 April 15, 2009 udev vulnerabilities CVE-2009-1185, CVE-2009-1186 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: udev 079-0ubuntu35.1 Ubuntu 7.10: udev 113-0ubuntu17.2 Ubuntu 8.04 LTS: udev 117-8ubuntu0.2 Ubuntu 8.10: udev 124-9ubuntu0.2 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Sebastian Krahmer discovered that udev did not correctly validate netlink message senders. (CVE-2009-1185) Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. (CVE-2009-1186) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.diff.gz Size/MD5: 51122 c7d3b676db9a83db24f422a285438ca7 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.dsc Size/MD5: 670 7cbaeaa0f9888994397d3d7cf90e3658 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079.orig.tar.gz Size/MD5: 281803 2b34fbddeadee3728ffe28121d6c1ebd amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_amd64.udeb Size/MD5: 142138 1392a4f575c8acda5672fc62f637b3fb http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_amd64.deb Size/MD5: 279030 84f654a125f3e3d0725103cfe68420b0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_i386.udeb Size/MD5: 109638 4882b6311f73bef9868881b1c5e8ed41 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_i386.deb Size/MD5: 239122 af377acadfffddf3d9040dc23286fc8f powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_powerpc.udeb Size/MD5: 118100 d792bd2e62989a8d95309aed153e4289 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_powerpc.deb Size/MD5: 280766 b306f68f10ff06ca5cd9ee17828d39d5 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_sparc.udeb Size/MD5: 115618 63bcef9fd2bada2eafe266d7796a84c9 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_sparc.deb Size/MD5: 247624 4b80d6ca0c5e076f249087c118962922 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.diff.gz Size/MD5: 55913 a7a1ba8a02b2fe905bc71743e5a5c7c0 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.dsc Size/MD5: 728 7b6e062975bbe336c2d760e5ff11572a http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113.orig.tar.gz Size/MD5: 239920 be4948d5057ae469de9bea8ae588221e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_amd64.deb Size/MD5: 86226 3f5adacc769ddfe17fafd79c54ce81a7 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_amd64.deb Size/MD5: 81900 edaba987b6002b09d6b4173e156e330e http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_amd64.udeb Size/MD5: 149804 e601d0c2bc7037a8df133a30d1f76605 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_amd64.deb Size/MD5: 304258 7a2173b367fc88bf531bfb706e3e1f8b http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_amd64.deb Size/MD5: 75160 fd8f032baabb6f0bbfc6f371cec52e1c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_i386.deb Size/MD5: 83892 12a63120228e99b4730f010cd361c244 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_i386.deb Size/MD5: 80572 6b5994b0eadaaee1f523de159718b408 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_i386.udeb Size/MD5: 132812 630042b66ab4a4344191fc82ecec0a38 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_i386.deb Size/MD5: 288284 986d47c76158ade2a30e6a1948f55082 http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_i386.deb Size/MD5: 74174 902478d959375b71e2b78cf0f0f8d82a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_lpia.deb Size/MD5: 83926 a32df0b3fe432aadfad07d3961e20a7e http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_lpia.deb Size/MD5: 80568 0266ced7497651f1bc9996ee0e00d6c5 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_lpia.udeb Size/MD5: 132732 386aa29c7b1175fac96d231a0e255118 http://ports.ubuntu.com/pool/main/u/udev/udev_113-0ubuntu17.2_lpia.deb Size/MD5: 288604 e05dbb1b8ff89c24b26cf318550442d6 http://ports.ubuntu.com/pool/main/u/udev/volumeid_113-0ubuntu17.2_lpia.deb Size/MD5: 74138 bf4aa952e2d07c0d27fba4e858dcd678 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_powerpc.deb Size/MD5: 87538 e0b0ae6ebf9847c5a4141950026b29f2 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_powerpc.deb Size/MD5: 83398 a4372fb8399d28496fe8ed7a03fe2aab http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_powerpc.udeb Size/MD5: 149236 99bdb65c79ce39bf881fa56972a7df76 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_powerpc.deb Size/MD5: 336274 d575f25a976f8cbd4cd123f47c696305 http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_powerpc.deb Size/MD5: 77432 6c548fabc0ad7861f125de70071cd0d7 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_sparc.deb Size/MD5: 87846 a331c703a9b11a20670a160d9bc5a16e http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_sparc.deb Size/MD5: 83846 6d2a1c58ea38e9b71fba17f841b4a26c http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_sparc.udeb Size/MD5: 141244 de4f7c09715c900cda38abbf53a6bf0f http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_sparc.deb Size/MD5: 294436 4591981586a1d547ea33c3cc8b09b39b http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_sparc.deb Size/MD5: 74714 cee96bfcea22c72a410644cb812591c0 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.diff.gz Size/MD5: 65730 81fffa88d20b553d3957cc5180258028 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.dsc Size/MD5: 716 5ce142feffe74504599351ce14f8e79c http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117.orig.tar.gz Size/MD5: 245289 1e2b0a30a39019fc7ef947786102cd22 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_amd64.deb Size/MD5: 90008 9b726512e3681753aa17b4c28f5f0c97 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_amd64.deb Size/MD5: 85680 7b719dd5b310814d742d82e8187936ad http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_amd64.udeb Size/MD5: 142424 3b3556f38c4751c19e94dfa442378975 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_amd64.deb Size/MD5: 275764 a7341d40aaf3886ede818bacdb8f725b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_i386.deb Size/MD5: 87874 bba06e76c225f835d4bd5da9cf71cb17 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_i386.deb Size/MD5: 84476 2aaa0302816eb8d524b4b9eed6cc6664 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_i386.udeb Size/MD5: 125376 12efe871f550741a6070849ecbf345d8 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_i386.deb Size/MD5: 262096 14de9f79f3e92bca2fd087747fe2cbe4 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_lpia.deb Size/MD5: 87820 06ae468615109e9693007bbbbd5ab76c http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_lpia.deb Size/MD5: 84344 74698366a89ff79f7da56e1e8081b7f8 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_lpia.udeb Size/MD5: 125366 24e6abe9d2d71edc59c8fee7c321aac4 http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_lpia.deb Size/MD5: 262202 ccd906dc5ba0f8150d2e54560cb506fa powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_powerpc.deb Size/MD5: 91184 0244aee4cd0b49b752b60bb69b822e8d http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_powerpc.deb Size/MD5: 87282 717d460e52f5208028b8a114c41441d3 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_powerpc.udeb Size/MD5: 142902 ac0227c34eabb4f40f8011ab810c6774 http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_powerpc.deb Size/MD5: 284190 791467a0daac1a186b308a5260998765 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_sparc.deb Size/MD5: 91172 5d7f21eb5e8183fd4a3a93a08e71fa9a http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_sparc.deb Size/MD5: 87420 5799e495a349dffb947bca5b831e0a59 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_sparc.udeb Size/MD5: 134148 07f30c5e47363b26a07a695ef208ac39 http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_sparc.deb Size/MD5: 268260 81d8d2489b05238c43928ccca028fd97 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.diff.gz Size/MD5: 60670 3294d977bf37ae45a66d47b624b60db0 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.dsc Size/MD5: 1092 b52e321c7c4c0e0d6d292167cb6019f8 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124.orig.tar.gz Size/MD5: 257418 2ea9229208154229c5d6df6222f74ad7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_amd64.deb Size/MD5: 93152 2ae90a4dc2bad933180b03169f021786 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_amd64.deb Size/MD5: 88906 31e1fc7a2a7546cdb6c26b38df29cab3 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_amd64.udeb Size/MD5: 140768 bff970a06a6364bec08459be64169da8 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_amd64.deb Size/MD5: 280684 09f8b16a2b7b7b5c637e314302ad27b1 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_i386.deb Size/MD5: 90866 348a4b3c7ecace17161c156f648ef7f5 http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_i386.deb Size/MD5: 87674 af9f5a9f38ebff8867ea1d6055e33705 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_i386.udeb Size/MD5: 124664 65a463c6512f87e71b40640809f68245 http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_i386.deb Size/MD5: 263786 34aa4d7ad23bcd6fe682d5c958c2b176 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_lpia.deb Size/MD5: 90952 13a89ac0608a4432f8fe3410798bfc80 http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_lpia.deb Size/MD5: 87526 c62d3f557da0f00a683dd2affab3ac18 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_lpia.udeb Size/MD5: 124596 227b5495edd9e8164030ec9e3445206f http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_lpia.deb Size/MD5: 263960 55a49a09202c83919fc7966e9cb4f0e9 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_powerpc.deb Size/MD5: 94720 9f705767aec000389c4a0ac5547e4b08 http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_powerpc.deb Size/MD5: 90490 0a821585e04ab4a3ae43fba609d15bad http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_powerpc.udeb Size/MD5: 136420 a13c982f31bb35caf8bdfa0230d6bf25 http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_powerpc.deb Size/MD5: 283654 27a1278de0e01ecd84806b4c52242130 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_sparc.deb Size/MD5: 94552 4ca615812516cb06abbeb05936f60e3c http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_sparc.deb Size/MD5: 90856 7c2cbb37e564258dcf75f2f0a85ebe51 http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_sparc.udeb Size/MD5: 136020 0f478380b3c641b037818ed607eea594 http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_sparc.deb Size/MD5: 274892 2f392b3a4d9d271db107930adc81e8e4

Trust: 2.52

sources: NVD: CVE-2009-1185 // JVNDB: JVNDB-2009-001256 // BID: 34536 // VULHUB: VHN-38631 // VULMON: CVE-2009-1185 // PACKETSTORM: 77207 // PACKETSTORM: 79128 // PACKETSTORM: 83398 // PACKETSTORM: 76682 // PACKETSTORM: 77206

AFFECTED PRODUCTS

vendor:	suse	model:	linux enterprise server	scope:	eq	version:	11	Trust: 1.3
vendor:	suse	model:	linux enterprise desktop	scope:	eq	version:	11	Trust: 1.3
vendor:	debian	model:	linux	scope:	eq	version:	5.0	Trust: 1.3
vendor:	debian	model:	linux	scope:	eq	version:	4.0	Trust: 1.3
vendor:	suse	model:	linux enterprise desktop	scope:	eq	version:	10	Trust: 1.0
vendor:	udev	model:	udev	scope:	lt	version:	141	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	11.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.04	Trust: 1.0
vendor:	suse	model:	linux enterprise debuginfo	scope:	eq	version:	10	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	7.10	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	9	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	11.1	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.10	Trust: 1.0
vendor:	juniper	model:	ctpview	scope:	eq	version:	7.2	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	10.3	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	6.06	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	10	Trust: 1.0
vendor:	juniper	model:	ctpview	scope:	lt	version:	7.1	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	10	Trust: 1.0
vendor:	juniper	model:	ctpview	scope:	eq	version:	7.1	Trust: 1.0
vendor:	suse	model:	linux enterprise debuginfo	scope:	eq	version:	11	Trust: 1.0
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	enterprise linux eus	scope:	eq	version:	5.3.z (server)	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.5	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.4	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.3	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.0	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.9	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.7	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.1	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.8	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.6	Trust: 0.6
vendor:	kernel	model:	udev	scope:	eq	version:	1.3.2	Trust: 0.6
vendor:	vmware	model:	esx server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	udev	model:	udev	scope:	eq	version:	140	Trust: 0.3
vendor:	udev	model:	udev	scope:	eq	version:	124	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	8.10	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	8.10	Trust: 0.3
vendor:	ubuntu	model:	linux lpia	scope:	eq	version:	8.10	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	8.10	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	8.10	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	7.10	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	7.10	Trust: 0.3
vendor:	ubuntu	model:	linux lpia	scope:	eq	version:	7.10	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	7.10	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	7.10	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	6.06	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	6.06	Trust: 0.3
vendor:	suse	model:	linux enterprise server debuginfo	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp2	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp2	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise sp2 debuginfo	scope:	eq	version:	10	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	10.2	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	12.2	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	12.1	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	12.0	Trust: 0.3
vendor:	slackware	model:	linux	scope:	eq	version:	11.0	Trust: 0.3
vendor:	slackware	model:	linux -current	scope:	-	version:	-	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.1	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.0	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	10.3	Trust: 0.3
vendor:	rpath	model:	linux	scope:	eq	version:	2	Trust: 0.3
vendor:	rpath	model:	linux	scope:	eq	version:	1	Trust: 0.3
vendor:	rpath	model:	appliance platform linux service	scope:	eq	version:	2	Trust: 0.3
vendor:	rpath	model:	appliance platform linux service	scope:	eq	version:	1	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop client	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	pardus	model:	linux	scope:	eq	version:	20080	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2008.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2008.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux mipsel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux m68k	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux hppa	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux armel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux alpha	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux mipsel	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux m68k	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux hppa	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux armel	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	debian	model:	linux alpha	scope:	eq	version:	4.0	Trust: 0.3
vendor:	udev	model:	udev	scope:	ne	version:	141	Trust: 0.3

sources: BID: 34536 // JVNDB: JVNDB-2009-001256 // CNNVD: CNNVD-200904-353 // NVD: CVE-2009-1185

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-1185
value:	HIGH
Trust: 1.0
NVD:	CVE-2009-1185
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200904-353
value:	HIGH
Trust: 0.6
VULHUB:	VHN-38631
value:	HIGH
Trust: 0.1
VULMON:	CVE-2009-1185
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-1185
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-38631
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-38631 // VULMON: CVE-2009-1185 // JVNDB: JVNDB-2009-001256 // CNNVD: CNNVD-200904-353 // NVD: CVE-2009-1185

PROBLEMTYPE DATA

problemtype:	CWE-346	Trust: 1.1
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-38631 // JVNDB: JVNDB-2009-001256 // NVD: CVE-2009-1185

THREAT TYPE

local

Trust: 1.3

sources: BID: 34536 // PACKETSTORM: 77207 // PACKETSTORM: 83398 // PACKETSTORM: 76682 // PACKETSTORM: 77206 // CNNVD: CNNVD-200904-353

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-200904-353

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001256

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-38631 // VULMON: CVE-2009-1185

PATCH

title:	udev-095-14.20AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=429	Trust: 0.8
title:	RHSA-2009:0427	url:	https://rhn.redhat.com/errata/RHSA-2009-0427.html	Trust: 0.8
title:	RHSA-2009:0427	url:	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-0427J.html	Trust: 0.8
title:	Red Hat: Important: udev security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20090427 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: udev vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-758-1	Trust: 0.1
title:	Debian Security Advisories: DSA-1772-1 udev -- several vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e43f90e15f654353ac0313a9762f781c	Trust: 0.1
title:	Simple-Metasploitable2-RootKit	url:	https://github.com/moorejacob2017/Simple-Metasploitable2-RootKit	Trust: 0.1
title:	-	url:	https://github.com/hussien-almalki/Hack_lame	Trust: 0.1
title:	Linux_Privilege	url:	https://github.com/ismailvc1111/Linux_Privilege	Trust: 0.1
title:	Linux_menthor	url:	https://github.com/amane312/Linux_menthor	Trust: 0.1
title:	-	url:	https://github.com/maririn312/Linux_menthor	Trust: 0.1
title:	Linux-Privilege-Escalation	url:	https://github.com/frizb/Linux-Privilege-Escalation	Trust: 0.1
title:	Linux_Exploit_Suggester	url:	https://github.com/PleXone2019/Linux_Exploit_Suggester	Trust: 0.1
title:	Linux_Exploit_Suggester	url:	https://github.com/ram4u/Linux_Exploit_Suggester	Trust: 0.1
title:	Tools	url:	https://github.com/ferovap/Tools	Trust: 0.1
title:	kernelpop	url:	https://github.com/spencerdodd/kernelpop	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/Feng4/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/Shadowshusky/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/password520/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/zyjsuper/linux-kernel-exploits	Trust: 0.1
title:	linux-exp	url:	https://github.com/coffee727/linux-exp	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/m0mkris/linux-kernel-exploits	Trust: 0.1
title:	linux-exp	url:	https://github.com/QChiLan/linux-exp	Trust: 0.1
title:	LinuxEelvation	url:	https://github.com/Al1ex/LinuxEelvation	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/Straight-wood/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/yige666/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/kumardineshwar/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/xssfile/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/xfinest/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/SecWiki/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/C0dak/linux-kernel-exploits	Trust: 0.1
title:	local-root-exploit-	url:	https://github.com/sohaip-hackerDZ/local-root-exploit-	Trust: 0.1
title:	Linux-kernel-EoP-exp	url:	https://github.com/De4dCr0w/Linux-kernel-EoP-exp	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/Micr067/linux-kernel-exploits	Trust: 0.1
title:	-	url:	https://github.com/albinjoshy03/linux-kernel-exploits	Trust: 0.1
title:	linux-kernel-exploits	url:	https://github.com/vahalen/linux-kernel-exploits	Trust: 0.1
title:	LinuxElevation	url:	https://github.com/Al1ex/LinuxElevation	Trust: 0.1
title:	LinuxEelvation	url:	https://github.com/fei9747/LinuxEelvation	Trust: 0.1
title:	LinuxElevation	url:	https://github.com/Al1ex/LinuxElvation	Trust: 0.1
title:	Localroot-ALL-CVE	url:	https://github.com/Snoopy-Sec/Localroot-ALL-CVE	Trust: 0.1
title:	-	url:	https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits	Trust: 0.1

sources: VULMON: CVE-2009-1185 // JVNDB: JVNDB-2009-001256

EXTERNAL IDS

db:	NVD	id:	CVE-2009-1185	Trust: 3.4
db:	BID	id:	34536	Trust: 2.9
db:	SECUNIA	id:	34731	Trust: 2.6
db:	VUPEN	id:	ADV-2009-1053	Trust: 2.6
db:	SECTRACK	id:	1022067	Trust: 2.6
db:	EXPLOIT-DB	id:	8572	Trust: 1.8
db:	SECUNIA	id:	34750	Trust: 1.8
db:	SECUNIA	id:	34753	Trust: 1.8
db:	SECUNIA	id:	34785	Trust: 1.8
db:	SECUNIA	id:	34801	Trust: 1.8
db:	SECUNIA	id:	35766	Trust: 1.8
db:	SECUNIA	id:	34771	Trust: 1.8
db:	SECUNIA	id:	34776	Trust: 1.8
db:	SECUNIA	id:	34787	Trust: 1.8
db:	VUPEN	id:	ADV-2009-1865	Trust: 1.8
db:	JUNIPER	id:	JSA10705	Trust: 1.8
db:	JUNIPER	id:	JSA10691	Trust: 1.8
db:	JVNDB	id:	JVNDB-2009-001256	Trust: 0.8
db:	CNNVD	id:	CNNVD-200904-353	Trust: 0.6
db:	PACKETSTORM	id:	76682	Trust: 0.2
db:	PACKETSTORM	id:	83398	Trust: 0.2
db:	PACKETSTORM	id:	77206	Trust: 0.2
db:	PACKETSTORM	id:	79128	Trust: 0.2
db:	PACKETSTORM	id:	77207	Trust: 0.2
db:	PACKETSTORM	id:	116524	Trust: 0.1
db:	PACKETSTORM	id:	76810	Trust: 0.1
db:	PACKETSTORM	id:	76733	Trust: 0.1
db:	PACKETSTORM	id:	77165	Trust: 0.1
db:	PACKETSTORM	id:	76813	Trust: 0.1
db:	EXPLOIT-DB	id:	21848	Trust: 0.1
db:	EXPLOIT-DB	id:	8478	Trust: 0.1
db:	SEEBUG	id:	SSVID-75667	Trust: 0.1
db:	SEEBUG	id:	SSVID-66499	Trust: 0.1
db:	SEEBUG	id:	SSVID-88811	Trust: 0.1
db:	VULHUB	id:	VHN-38631	Trust: 0.1
db:	VULMON	id:	CVE-2009-1185	Trust: 0.1

sources: VULHUB: VHN-38631 // VULMON: CVE-2009-1185 // BID: 34536 // PACKETSTORM: 77207 // PACKETSTORM: 79128 // PACKETSTORM: 83398 // PACKETSTORM: 76682 // PACKETSTORM: 77206 // JVNDB: JVNDB-2009-001256 // CNNVD: CNNVD-200904-353 // NVD: CVE-2009-1185

REFERENCES

url:	http://www.securitytracker.com/id?1022067	Trust: 2.6
url:	http://www.securityfocus.com/bid/34536	Trust: 2.6
url:	http://secunia.com/advisories/34731	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2009/1053	Trust: 2.6
url:	http://www.securityfocus.com/archive/1/502752/100/0/threaded	Trust: 1.8
url:	http://www.securityfocus.com/archive/1/504849/100/0/threaded	Trust: 1.8
url:	http://secunia.com/advisories/34750	Trust: 1.8
url:	http://secunia.com/advisories/34753	Trust: 1.8
url:	http://secunia.com/advisories/34771	Trust: 1.8
url:	http://secunia.com/advisories/34776	Trust: 1.8
url:	http://secunia.com/advisories/34785	Trust: 1.8
url:	http://secunia.com/advisories/34787	Trust: 1.8
url:	http://secunia.com/advisories/34801	Trust: 1.8
url:	http://secunia.com/advisories/35766	Trust: 1.8
url:	https://www.exploit-db.com/exploits/8572	Trust: 1.8
url:	http://www.vupen.com/english/advisories/2009/1865	Trust: 1.8
url:	http://www.debian.org/security/2009/dsa-1772	Trust: 1.8
url:	https://www.redhat.com/archives/fedora-package-announce/2009-april/msg00463.html	Trust: 1.8
url:	https://www.redhat.com/archives/fedora-package-announce/2009-april/msg00462.html	Trust: 1.8
url:	http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml	Trust: 1.8
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2009:103	Trust: 1.8
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2009:104	Trust: 1.8
url:	http://www.redhat.com/support/errata/rhsa-2009-0427.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html	Trust: 1.8
url:	http://www.ubuntu.com/usn/usn-758-1	Trust: 1.8
url:	http://lists.vmware.com/pipermail/security-announce/2009/000060.html	Trust: 1.8
url:	http://git.kernel.org/?p=linux/hotplug/udev.git%3ba=commitdiff%3bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75	Trust: 1.8
url:	http://git.kernel.org/?p=linux/hotplug/udev.git%3ba=commitdiff%3bh=e86a923d508c2aed371cdd958ce82489cf2ab615	Trust: 1.8
url:	http://wiki.rpath.com/advisories:rpsa-2009-0063	Trust: 1.8
url:	http://wiki.rpath.com/wiki/advisories:rpsa-2009-0063	Trust: 1.8
url:	http://www.vmware.com/security/advisories/vmsa-2009-0009.html	Trust: 1.8
url:	https://bugzilla.redhat.com/show_bug.cgi?id=495051	Trust: 1.8
url:	https://launchpad.net/bugs/cve/2009-1185	Trust: 1.8
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10925	Trust: 1.8
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5975	Trust: 1.8
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399	Trust: 1.7
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10691	Trust: 1.7
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10705	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1185	Trust: 1.2
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1185	Trust: 0.8
url:	https://access.redhat.com/errata/rhsa-2009:0427	Trust: 0.7
url:	http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e86a923d508c2aed371cdd958ce82489cf2ab615	Trust: 0.6
url:	http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2009-1185	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1185	Trust: 0.5
url:	http://git.kernel.org/?p=linux/hotplug/udev.git;a=commit;h=e86a923d508c2aed371cdd958ce82489cf2ab615	Trust: 0.3
url:	http://git.kernel.org/?p=linux/hotplug/udev.git;a=commit;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75	Trust: 0.3
url:	http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html	Trust: 0.3
url:	http://www.mandriva.com/security/	Trust: 0.3
url:	http://www.mandriva.com/security/advisories	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2009-1186	Trust: 0.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1186	Trust: 0.2
url:	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399	Trust: 0.1
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10691	Trust: 0.1
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10705	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/346.html	Trust: 0.1
url:	https://github.com/moorejacob2017/simple-metasploitable2-rootkit	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://usn.ubuntu.com/758-1/	Trust: 0.1
url:	https://www.exploit-db.com/exploits/8572/	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=18043	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0034	Trust: 0.1
url:	http://kb.vmware.com/kb/1011782	Trust: 0.1
url:	http://www.vmware.com/security	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0034	Trust: 0.1
url:	http://www.vmware.com/support/policies/security_response.html	Trust: 0.1
url:	http://kb.vmware.com/kb/1055	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0037	Trust: 0.1
url:	http://kb.vmware.com/kb/1011781	Trust: 0.1
url:	http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce	Trust: 0.1
url:	http://tinyurl.com/ncfu5s	Trust: 0.1
url:	http://www.vmware.com/support/policies/eos_vi.html	Trust: 0.1
url:	http://kb.vmware.com/kb/1011786	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0037	Trust: 0.1
url:	http://www.vmware.com/support/policies/eos.html	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_powerpc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_amd64.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_113-0ubuntu17.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_i386.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/volumeid_113-0ubuntu17.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_lpia.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_lpia.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_amd64.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/volumeid_113-0ubuntu17.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_i386.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_powerpc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id-dev_113-0ubuntu17.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_amd64.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/libvolume-id0_113-0ubuntu17.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_124-9ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_113-0ubuntu17.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_amd64.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_powerpc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_079-0ubuntu35.1_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_113-0ubuntu17.2_i386.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_079-0ubuntu35.1_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_117-8ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_117-8ubuntu0.2_powerpc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_124-9ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_117-8ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_i386.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev-udeb_124-9ubuntu0.2_lpia.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id0_124-9ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/libvolume-id-dev_117-8ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/u/udev/udev_117-8ubuntu0.2.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/u/udev/udev_124-9ubuntu0.2_lpia.deb	Trust: 0.1

CREDITS

Sebastian Krahmer krahmer@suse.de

Trust: 0.6

sources: CNNVD: CNNVD-200904-353

SOURCES

db:	VULHUB	id:	VHN-38631
db:	VULMON	id:	CVE-2009-1185
db:	BID	id:	34536
db:	PACKETSTORM	id:	77207
db:	PACKETSTORM	id:	79128
db:	PACKETSTORM	id:	83398
db:	PACKETSTORM	id:	76682
db:	PACKETSTORM	id:	77206
db:	JVNDB	id:	JVNDB-2009-001256
db:	CNNVD	id:	CNNVD-200904-353
db:	NVD	id:	CVE-2009-1185

LAST UPDATE DATE

2025-07-10T19:38:43.248000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-38631	date:	2023-02-13T00:00:00
db:	VULMON	id:	CVE-2009-1185	date:	2023-02-13T00:00:00
db:	BID	id:	34536	date:	2015-04-13T22:16:00
db:	JVNDB	id:	JVNDB-2009-001256	date:	2009-05-27T00:00:00
db:	CNNVD	id:	CNNVD-200904-353	date:	2023-05-05T00:00:00
db:	NVD	id:	CVE-2009-1185	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-38631	date:	2009-04-17T00:00:00
db:	VULMON	id:	CVE-2009-1185	date:	2009-04-17T00:00:00
db:	BID	id:	34536	date:	2009-04-15T00:00:00
db:	PACKETSTORM	id:	77207	date:	2009-05-03T02:29:17
db:	PACKETSTORM	id:	79128	date:	2009-07-13T18:26:12
db:	PACKETSTORM	id:	83398	date:	2009-12-03T20:57:26
db:	PACKETSTORM	id:	76682	date:	2009-04-15T20:31:12
db:	PACKETSTORM	id:	77206	date:	2009-05-03T02:28:26
db:	JVNDB	id:	JVNDB-2009-001256	date:	2009-05-27T00:00:00
db:	CNNVD	id:	CNNVD-200904-353	date:	2009-04-17T00:00:00
db:	NVD	id:	CVE-2009-1185	date:	2009-04-17T14:30:00.563