Lucene search

[email protected]CVE-2010-1316

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-1316

2022-10-0316:21:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-1316

tembria server monitor

buffer overflow

denial of service

arbitrary code execution

nvd

security issue

vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.1 High

AI Score

Confidence

High

0.167 Low

EPSS

Percentile

96.1%

JSON

Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GET, (2) PUT, or (3) HEAD request, as demonstrated by a malformed GET request containing a long PATH_INFO to index.asp.

Affected configurations

NVD

Node

tembriaserver_monitorRange≤5.6.0

CPENameOperatorVersion
tembria:server_monitortembria server monitorle5.6.0

CPE	Name	Operator	Version
tembria:server_monitor	tembria server monitor	le	5.6.0

References

secunia.com/advisories/39270

www.corelan.be:8800/advisories.php?id=CORELAN-10-022

www.corelan.be:8800/wp-content/forum-file-uploads/admin1/exploits/corelan_lincoln_tembria.py_.txt

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.1 High

AI Score

Confidence

High

0.167 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2010-1316

seebug1 nvd1 nessus1 openvas2 cvelist1 exploitpack1 prion1 checkpoint_advisories1 exploitdb1