Lucene search

[email protected]CVE-2010-0412

HistoryFeb 25, 2010 - 12:30 a.m.

CVE-2010-0412

2010-02-2500:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2010-0412

stap-server

systemtap 1.1

make program

security vulnerability

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.

CPENameOperatorVersion
systemtap:systemtapsystemtapeq1.1

CPE	Name	Operator	Version
systemtap:systemtap	systemtap	eq	1.1

References

lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html

lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html

www.securityfocus.com/bid/38316

exchange.xforce.ibmcloud.com/vulnerabilities/56611

6.1 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2010-0412

ubuntucve2 prion2 debiancve2 fedora4 nessus10 openvas15 oraclelinux1 veracode1 cve1 centos1 redhat1