CVE-2009-4810

Published Apr 23, 2010
Last updated 15 years ago
CVSS info 7.5
Overview

Description: The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3318E9A-DF07-45E6-B9D8-04D15FE9F24A",
            "versionEndIncluding": "2.5.3"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88922C8A-7F2D-4CB8-B68E-826946EBBBC2"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32EBCA9F-B783-48EE-ABA1-8693982F569E"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.10:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81030934-F0F6-439A-980E-9674422CBD1F"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.10:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E09A72AE-D856-4C1B-8789-D4F24EDB1921"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42EB5B2D-297B-46F6-90B1-393592A3CDB5"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82FD3347-086F-4053-842F-B429D9CA0D6A"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.12:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F24F3FB6-30D0-46FC-81CB-339CA2BBCCE9"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:1.8.12:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AF9932E-1B18-4D8E-8836-80267077941F"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96DE0F6C-BB26-47C8-9A69-4E1001DDFFBE"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F6601FD-E9BE-41C9-84B0-E087661A7F2D"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DDEBA1E-BC35-47CA-861A-E61D39E8ADCE"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.2:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D2ED90D-D955-4870-837E-103CA42D3884"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40949DF1-2FDF-4F4A-9DA6-0FECBD7A4E1F"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88D5655C-9419-4C03-98FE-FE59E918B669"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B55E7105-1CAE-4303-AE82-DF150CFF5E6E"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.5:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98C85E21-7575-4256-BD81-FF0277C0576F"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.5:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6C7EFB2-64E4-4562-9509-4EBFCE5222C6"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC6E862D-9DF7-4584-A570-5AC222F298A8"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FC8E51A-B9ED-46AF-9B6B-0D231077998D"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7421B206-C1C5-456B-9EE1-539DBC55A304"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BAE9857-D704-41C7-9AA7-37DEA428C169"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B311466B-FA36-4813-B789-F3B172A03180"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A89F0C2-AF64-44F9-B0E1-ABA36092C904"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.7:e:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E940277-5F5E-456B-9F57-505572179F97"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75E1397D-51BD-4534-AD04-049CBB57AE06"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E8EC6A7-E641-49C7-9457-7D1CF2917832"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62553213-5BB1-439E-AA71-49B9196FDBE0"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.0.10:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D786E6A-D839-4DA6-84FD-AE6C29E8E5BC"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02EE2EE9-7526-484D-BBB5-7425067DCF5C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "952D4F5A-7B42-42D5-9BB1-75426C3846C6"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.1.1:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CFE08FC-1E88-453F-A5D5-BAF878874E61"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EDD4BA4-0BAD-4028-81AB-E76CCC44649B"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B52BE6C-EBB4-41D5-AEB8-0997FFF702A3"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A2F925-C73F-4595-B49A-919150A6036C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1C5EFA7-9112-48B1-ABE5-336E4029BE80"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.1:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1904BB19-EDDA-497A-9811-1F97A9E8279C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.1:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFC2B303-EADE-4338-8716-6D0F03DD376C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.1:c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC05B1B2-B862-4C7E-9072-055D1F90280C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC7B4E60-4176-4912-97FA-586CDB2FFFC4"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39A988A5-27DE-4565-8E05-C2088D801D7D"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9C507B7-C452-4E83-9B6F-9271CF716F52"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C4A635A-6024-487D-95E7-DC6702494C08"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "545EA47C-B46A-48D5-BE5F-6BD286C8ADB1"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FA9C9A2-9146-495B-84F2-20DB8278C0BC"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.0:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A3A736-6FC8-40C9-8A49-61AE0817EA39"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3805E672-6AED-4BEA-B4E1-540D93E219E1"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.1:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD5A3D54-3B42-4A34-960D-F9B7EC9B27FB"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A987AEED-AE52-4860-985D-3CC6E6B914C2"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C252372C-FD22-46BE-B2AF-FC1C915CD985"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE177E23-B945-4DEC-90F2-4B77325DD468"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9148D4B9-4E16-480B-AC52-ACA0B81EDECD"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "031EF7A6-B66B-445A-A491-71F32F1FA60A"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16FFAC90-3DBC-459E-87D5-72A0E0284A77"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00D3E7F6-6437-409E-8065-94E1650B690B"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3012B039-119F-49FB-B7E4-EFA9E35BB7A6"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.0:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04F8AB07-893C-4636-AC0E-443963FD7E06"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F1F468D-4DE5-4582-B308-922FB8F79A98"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.1:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA9A8F4-D56B-4886-A1CB-D76C25ADCA62"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89F6F58C-BE8F-42E4-B026-75C22AA2C431"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBE2241E-8D23-465C-A19A-9B200F0F37CD"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9154928-7C9B-4D57-AEB6-20C100CA8612"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B23666D7-E926-4D0E-974D-681E3B68775C"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.5:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C1A2C9C-CF8A-490C-9A11-826ABAA23EF6"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A8FB6B6-2EB9-4290-B6B0-6128930456E1"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.4.6:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54732668-D695-469A-80F6-A9EDFD6705EF"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "740B72E9-6CAB-4C1E-8B12-3E2FDF0BDFF7"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65E276B9-5807-4519-8B02-B58FC0A4F2B3"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A081CF87-BF63-4622-90A5-73101E4DF3A0"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.5.2:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1626A67B-469A-4AFF-9505-9085E9E4F4E9"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.5.2:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D7B5EAE-A921-4A5A-8C90-E7C3361AEECB"
          },
          {
            "criteria": "cpe:2.3:a:samhain_labs:samhain:2.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DF4B4DA-1A5B-4538-BAA9-0CD74C7B516B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
