CVE-2009-2829

CVSS 5.0 - MEDIUM

Description

Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to an SSH daemon, which allows remote attackers to cause a denial of service via vectors involving processing of XML log documents by other services, related to a "log injection" issue.

Affected Products

1

Vendor	Product	Version
apple	mac_os_x_server	`10.5.8`

References

http://lists.apple.com/archives/security-announce/...

http://support.apple.com/kb/HT3937

http://www.securityfocus.com/bid/36956

http://www.vupen.com/english/advisories/2009/3184

http://lists.apple.com/archives/security-announce/...

http://support.apple.com/kb/HT3937

http://www.securityfocus.com/bid/36956

http://www.vupen.com/english/advisories/2009/3184

Weakness Types

CWE-255

CVE Information

CVE ID:: CVE-2009-2829
Published:: 2009-11-10
Modified:: 2026-04-23
CVSS Score:: 5.0
Severity:: MEDIUM
Vector:: AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected Vendors

apple

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL