CVE-2009-3448

Name: CVE-2009-3448
Creator: NVD / NIST
Published: 2009-09-29T15:30:00.483+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.72%

Last modified Jun 16, 2026

CVE-2009-3448 is a vulnerability of currently unknown severity. npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.. EPSS estimates a 1.72% chance of exploitation in the next 30 days.

Description

npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information.

Metrics

EPSS Probability

1.72%

74.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Bakbone	Netvault	8.22

References

Timeline

Published: Sep 29, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-3448?

How severe is CVE-2009-3448?

Severity scoring for CVE-2009-3448 is pending analysis. The EPSS model estimates a 1.72% probability of exploitation in the next 30 days.

How do I fix CVE-2009-3448?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-3448?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST