CVE-2009-0849

Name: CVE-2009-0849
Creator: NVD / NIST
Published: 2009-03-09T17:30:00.17+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 16.55%

Last modified Jun 16, 2026

CVE-2009-0849 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information.. EPSS estimates a 16.55% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information.

Metrics

EPSS Probability

16.55%

96.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Novastor	Novanet	12

References

http://osvdb.org/52301Broken Link
http://osvdb.org/52302Broken Link
http://secunia.com/advisories/34024Vendor Advisory
http://www.insight-tech.org/index.php?p=NovaNET-12-Remote-Buffer-OveflowURL Repurposed
http://www.securityfocus.com/bid/33954Exploit, Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/49074VDB Entry
http://osvdb.org/52301Broken Link
http://osvdb.org/52302Broken Link
http://secunia.com/advisories/34024Vendor Advisory
http://www.insight-tech.org/index.php?p=NovaNET-12-Remote-Buffer-OveflowURL Repurposed
http://www.securityfocus.com/bid/33954Exploit, Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/49074VDB Entry

Timeline

Published: Mar 9, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-0849?

How severe is CVE-2009-0849?

Severity scoring for CVE-2009-0849 is pending analysis. The EPSS model estimates a 16.55% probability of exploitation in the next 30 days.

How do I fix CVE-2009-0849?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0849?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST