CVE-2009-3575 - Buffer Overflow vulnerability in aria2 'DHTRoutingTableDeserializer::deserialize()'

CVSS 10.0 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE

Summary

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

Vulnerable Configurations

Part         Description          Count
Application  Tatsuhiro_Tsujikawa  2

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1957.NASL
    description: It was discovered that aria2, a high speed download utility, is prone to a buffer overflow in the DHT routing code, which might lead to the execution of arbitrary code. The oldstable distribution (etch) is not affected by this problem.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44822
    published: 2010-02-24
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/44822
    title: Debian DSA-1957-1 : aria2 - buffer overflow
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1957. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44822);
      script_version("1.7");
      script_cvs_date("Date: 2019/08/02 13:32:22");
    
      script_cve_id("CVE-2009-3575");
      script_xref(name:"DSA", value:"1957");
    
      script_name(english:"Debian DSA-1957-1 : aria2 - buffer overflow");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that aria2, a high speed download utility, is prone
    to a buffer overflow in the DHT routing code, which might lead to the
    execution of arbitrary code.
    
    The oldstable distribution (etch) is not affected by this problem."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551070"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2009/dsa-1957"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the aria2 packages.
    
    For the stable distribution (lenny), this problem has been fixed in
    version 0.14.0-1+lenny1. Binaries for powerpc, arm, ia64 and hppa will
    be provided once they are available."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:aria2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/12/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"5.0", prefix:"aria2", reference:"0.14.0-1+lenny1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-226.NASL
    description: A vulnerability has been found and corrected in aria2: Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors (CVE-2009-3575). This update provides a solution to this vulnerability.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40920
    published: 2009-09-10
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/40920
    title: Mandriva Linux Security Advisory : aria2 (MDVSA-2009:226)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_1_ARIA2-091014.NASL
    description: Specially crafted distributed hash table files as used by BitTorrent could cause a buffer overflow in aria2 (CVE-2009-3575).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42175
    published: 2009-10-19
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/42175
    title: openSUSE Security Update : aria2 (aria2-1400)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201001-06.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201001-06 (aria2: Multiple vulnerabilities). Tatsuhiro Tsujikawa reported a buffer overflow in DHTRoutingTableDeserializer.cc (CVE-2009-3575) and a format string vulnerability in the AbstractCommand::onAbort() function in src/AbstractCommand.cc (CVE-2009-3617). Impact: A remote, unauthenticated attacker could possibly execute arbitrary code with the privileges of the user running the application or cause a Denial of Service (application crash). Workaround: Do not use DHT (CVE-2009-3575) and disable logging (CVE-2009-3617).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44895
    published: 2010-02-25
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/44895
    title: GLSA-201001-06 : aria2: Multiple vulnerabilities
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-10344.NASL
    description: Fixes CVE-2009-3575, a buffer overflow vulnerability described in more detail at https://bugzilla.redhat.com/show_bug.cgi?id=527827. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42074
    published: 2009-10-09
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/42074
    title: Fedora 10 : aria2-1.3.1-2.fc10 (2009-10344)