Lucene search
HistoryApr 05, 2010 - 4:30 p.m.
CVE-2010-0009
cve-2010-0009
apache
couchdb
remote attack
sensitive information
hashes
passwords
nvd
6 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
53.7%
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
Related
nessus
nessus
Fedora 12 : couchdb-0.10.2-1.fc12 (2010-8298)
2010-07-01 00:00:00
Fedora 13 : couchdb-0.10.2-1.fc13 (2010-8234)
2010-07-01 00:00:00
Apache CouchDB < 0.11.0 Hash Verification Information Leak
2010-04-07 00:00:00
prion
prion
Information disclosure
2010-04-05 16:30:00
openvas
openvas
Fedora Update for couchdb FEDORA-2010-8275
2010-05-17 00:00:00
CouchDB < 0.11 Message Digest Verification Security Bypass Vulnerability
2010-04-12 00:00:00
Fedora Update for couchdb FEDORA-2010-8298
2010-05-17 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: couchdb-0.10.2-1.fc13
2010-05-12 12:25:17
[SECURITY] Fedora 12 Update: couchdb-0.10.2-1.fc12
2010-05-11 19:40:39
[SECURITY] Fedora 11 Update: couchdb-0.10.2-1.fc11
2010-05-11 19:38:07
cvelist
cvelist
CVE-2010-0009
2010-04-05 16:00:00
ubuntucve
ubuntucve
CVE-2010-0009
2010-04-05 00:00:00
securityvulns
securityvulns
Apache CouchDB timing attack
2010-04-05 00:00:00
6 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
53.7%
Related for CVE-2010-0009