Lucene search

[email protected]CVE-2010-1147

HistoryApr 06, 2010 - 4:30 p.m.

CVE-2010-1147

2010-04-0616:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-1147

open dchub

open dc hub

buffer overflow

remote code execution

security vulnerability

7.3 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.519 Medium

EPSS

Percentile

97.5%

JSON

Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.

CPENameOperatorVersion
roshan_singh:open_direct_connect_hubroshan singh open direct connect hubeq0.8.1

CPE	Name	Operator	Version
roshan_singh:open_direct_connect_hub	roshan singh open direct connect hub	eq	0.8.1

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308

lists.fedoraproject.org/pipermail/package-announce/2010-April/040360.html

lists.fedoraproject.org/pipermail/package-announce/2010-April/040380.html

lists.fedoraproject.org/pipermail/package-announce/2010-April/040421.html

marc.info/?l=oss-security&m=127051570728944&w=2

openwall.com/lists/oss-security/2010/04/03/1

secunia.com/advisories/39664

www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600

www.securityfocus.com/archive/1/510428

www.securityfocus.com/bid/39129

www.vupen.com/english/advisories/2010/1023

www.vupen.com/english/advisories/2010/1044

bugzilla.redhat.com/show_bug.cgi?id=579206

7.3 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.519 Medium

EPSS

Percentile

97.5%

JSON

Related for CVE-2010-1147

nessus4 fedora3 openvas5 gentoo1 prion1 ubuntucve1