CVE-2009-1633
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2009-1633
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux Kernel CIFS字符串转换多个缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux Kernel的cifs处理代码通常将ucs2_le字符串(windows所使用的双字节编码方案)转换为本地NLS字符集。字符串转换例程仅接受由所要转换的宽字符数所指定的单个长度参数,因此假设目标缓冲区已足够大,但实际上特制的CIFS字符串仍可触发缓冲区溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2009-1633
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2009-1633
请登录查看更多情报信息。
- http://www.vmware.com/security/advisories/VMSA-2009-0016.htmlx_refsource_CONFIRM
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.4x_refsource_CONFIRM
- http://wiki.rpath.com/Advisories:rPSA-2009-0111x_refsource_CONFIRM
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.htmlvendor-advisoryx_refsource_SUSE
- https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01271.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlvendor-advisoryx_refsource_SUSE
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9525vdb-entrysignaturex_refsource_OVAL
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8588vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2009-1633
Same Patch Batch · n/a · 2009-05-28 · 15 CVEs total
| CVE-2009-1195 | Apache 配置错误漏洞 | |
| CVE-2009-1384 | Eyrie pam_krb5用户名列举漏洞 | |
| CVE-2009-1806 | IBM Hardware Management Console 未明漏洞 | |
| CVE-2009-1807 | Baofeng缓冲区错误漏洞 | |
| CVE-2009-1808 | Microsoft Windows桌面墙纸系统参数本地权限提升漏洞(MS09-025) | |
| CVE-2008-6814 | Jan_De_Graaff SimpleBoard 'image_upload.php'任意文件上传漏洞 | |
| CVE-2008-6815 | MyKtools 'mykdownload.php'本地文件访问控制泄露漏洞 | |
| CVE-2008-6816 | Eaton Network Shutdown Module绕过认证漏洞 | |
| CVE-2009-1799 | ST-Gallery 'st_admin/gallery_output.php' SQL注入漏洞 | |
| CVE-2009-1800 | 中国游戏中心游戏大厅客户端远程栈溢出漏洞 | |
| CVE-2009-1801 | FreePBX 跨站脚本漏洞 | |
| CVE-2009-1802 | FreePBX 跨站请求伪造漏洞 | |
| CVE-2009-1803 | FreePBX 信息泄露漏洞 | |
| CVE-2009-1804 | VideoScript.us YouTube Video Script 'admin/index.php' 多个SQL注入漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2009-1633
No comments yet