CVE-2009-0544
Published 2009-02-12
Priority P3 57 · critical 10 · CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 11.52% (95.5th percentile)
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pycrypto | arc2 | — | — |
Detection & IOCs (extracted from sources)
- Trigger condition is an ARC2 key length greater than 128 bytes (e.g., 16384 bytes); monitor for ARC2 cipher instantiation with oversized keys (keylength > 128) in PyCrypto 2.0.1
- Vulnerable code path is in the Crypto.Cipher.ARC2 module; look for imports or usage of this module in applications running PyCrypto 2.0.1
- The ARC2 implementation did not correctly check the key length; any code path supplying attacker-controlled key material to ARC2.new() is exploitable
- Fix is available via upstream git commits; the patch at the referenced commitdiff URLs addresses the key-length validation bypass
- Exploitation requires that attacker-controlled data reaches the ARC2 key parameter; only PyCrypto version 2.0.1 is confirmed vulnerable
CVSS provenance
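| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_redhat | | 10.0 | CRITICAL | |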
Ubuntu
Python Crypto vulnerability
vendor_ubuntu·2009-03-05
Mike Wiacek discovered that the ARC2 implementation in Python Crypto
did not correctly check the key length. If a user or automated system
were tricked into processing a malicious ARC2 stream, a remote attacker
could execute arbitrary code or crash the application using Python Crypto,
leading to a denial of service.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
python-crypto: buffer overflow in the ARC2 module
vendor_redhat·2009-02-07·CVSS 10.0
CVE-2009-0544 [CRITICAL]
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.
GHSA
GHSA-w9fp-w8cr-vgpg: Buffer overflow in the PyCrypto ARC2 module 2
ghsa_unreviewed·2022-05-02
CVE-2009-0544 [HIGH] CWE-119
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.
No detection rules found.
References
- http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=d1c4875e1f220652fe7ff8358f56dee3b2aba31b
- http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git%3Ba=commitdiff%3Bh=fd73731dfad451a81056fbb01e09aa78ab82eb5d
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
- http://secunia.com/advisories/34199
- http://secunia.com/advisories/35065
- http://www.gentoo.org/security/en/glsa/glsa-200903-11.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:049
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:050
- http://www.openwall.com/lists/oss-security/2009/02/07/1
- http://www.openwall.com/lists/oss-security/2009/02/12/5
- http://www.securityfocus.com/bid/33674
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48617