CVE-2009-0751
published 2009-03-02CVE-2009-0751: Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.40%
95.2th percentile
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | yaws | < yaws 1.80-1 (bookworm) | yaws 1.80-1 (bookworm) |
| yaws | yaws | <= 1.79 | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
| yaws | yaws | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2009-0751: yaws - Yaws before 1.80 allows remote attackers to cause a denial of service (memory co...
vendor_debian·2009·CVSS 5.0
CVE-2009-0751 [MEDIUM] CVE-2009-0751: yaws - Yaws before 1.80 allows remote attackers to cause a denial of service (memory co...
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
Scope: local
bookworm: resolved (fixed in 1.80-1)
bullseye: resolved (fixed in 1.80-1)
forky: resolved (fixed in 1.80-1)
sid: resolved (fixed in 1.80-1)
trixie: resolved (fixed in 1.80-1)
GHSA
GHSA-9574-q3cv-v9f8: Yaws before 1
ghsa_unreviewed·2022-05-02
CVE-2009-0751 [MEDIUM] GHSA-9574-q3cv-v9f8: Yaws before 1
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
OSV
CVE-2009-0751: Yaws before 1
osv·2009-03-02·CVSS 5.0
CVE-2009-0751 [MEDIUM] CVE-2009-0751: Yaws before 1
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/33979http://secunia.com/advisories/34239http://www.debian.org/security/2009/dsa-1740http://www.openwall.com/lists/oss-security/2009/02/19/1http://www.securityfocus.com/bid/33834http://www.vupen.com/english/advisories/2009/0590http://yaws.hyber.org/https://www.exploit-db.com/exploits/8148http://secunia.com/advisories/33979http://secunia.com/advisories/34239http://www.debian.org/security/2009/dsa-1740http://www.openwall.com/lists/oss-security/2009/02/19/1http://www.securityfocus.com/bid/33834http://www.vupen.com/english/advisories/2009/0590http://yaws.hyber.org/https://www.exploit-db.com/exploits/8148
2009-03-02
Published