Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2010:0347
HistoryMay 28, 2010 - 10:47 a.m.

nss_db security update

2010-05-2810:47:08
CentOS Project
lists.centos.org
41

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

CentOS Errata and Security Advisory CESA-2010:0347

The nss_db packages provide a set of C library extensions which allow
Berkeley Database (Berkeley DB) databases to be used as a primary source of
aliases, ethers, groups, hosts, networks, protocols, users, RPCs, services,
and shadow passwords. These databases are used instead of or in addition to
the flat files used by these tools by default.

It was discovered that nss_db did not specify a path to the directory to be
used as the database environment for the Berkeley Database library, causing
it to use the current working directory as the default. This could possibly
allow a local attacker to obtain sensitive information. (CVE-2010-0826)

Users of nss_db are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-May/078867.html
https://lists.centos.org/pipermail/centos-announce/2010-May/078868.html

Affected packages:
nss_db

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0347

Related

cve 1
openvas 13
oraclelinux 1
nessus 11
fedora 3
ubuntucve 1
cvelist 1
redhat 1
ubuntu 1
securityvulns 2
prion 1
seebug 1
debiancve 1
nvd 1
vmware 2
cve
cve
CVE-2010-0826
2010-04-05 15:30:01
openvas
openvas
Oracle: Security Advisory (ELSA-2010-0347)
2015-10-06 00:00:00
CentOS Update for nss_db CESA-2010:0347 centos5 i386
2011-08-09 00:00:00
Fedora Update for nss_db FEDORA-2010-6331
2010-05-07 00:00:00
oraclelinux
oraclelinux
nss_db security update
2010-04-13 00:00:00
nessus
nessus
Fedora 13 : nss_db-2.2.3-0.3.pre1.fc13 (2010-6203)
2010-07-01 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : libnss-db vulnerability (USN-922-1)
2010-04-01 00:00:00
Scientific Linux Security Update : nss_db on SL5.x i386/x86_64
2012-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: nss_db-2.2-47.fc12
2010-05-06 03:41:31
[SECURITY] Fedora 13 Update: nss_db-2.2.3-0.3.pre1.fc13
2010-04-09 04:02:38
[SECURITY] Fedora 11 Update: nss_db-2.2-46.fc11
2010-05-06 03:45:33
ubuntucve
ubuntucve
CVE-2010-0826
2010-03-31 00:00:00
cvelist
cvelist
CVE-2010-0826
2010-04-05 15:15:00
redhat
redhat
(RHSA-2010:0347) Moderate: nss_db security update
2010-04-13 00:00:00
ubuntu
ubuntu
libnss-db vulnerability
2010-03-31 00:00:00
securityvulns
securityvulns
libnss-db unauthorized files access
2010-04-05 00:00:00
[USN-922-1] libnss-db vulnerability
2010-04-05 00:00:00
prion
prion
Design/Logic Flaw
2010-04-05 15:30:00
seebug
seebug
GNU libnss_db 2.2.3 εΊ“ζœ¬εœ°δΏ‘ζ―ζ³„ιœ²ζΌζ΄ž
2010-04-19 00:00:00
debiancve
debiancve
CVE-2010-0826
2010-04-05 15:30:01
nvd
nvd
CVE-2010-0826
2010-04-05 15:30:01
vmware
vmware
VMware ESX third party updates for Service Console
2010-09-30 00:00:00
VMware ESX third party updates for Service Console
2010-09-30 00:00:00

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CESA-2010:0347
cve1openvas13oraclelinux1nessus11fedora3ubuntucve1cvelist1redhat1ubuntu1securityvulns2prion1seebug1debiancve1nvd1vmware2