Lucene search

[email protected]CVE-2010-2072

HistoryJun 16, 2010 - 8:30 p.m.

CVE-2010-2072

2010-06-1620:30:00

CWE-310

[email protected]

web.nvd.nist.gov

cve-2010-2072

pyftpd

denial of service

sensitive information

nvd

6.3 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information.

CPENameOperatorVersion
radovan_garabik:pyftpdradovan garabik pyftpdeq0.8.4

CPE	Name	Operator	Version
radovan_garabik:pyftpd	radovan garabik pyftpd	eq	0.8.4

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=585773

www.openwall.com/lists/oss-security/2010/06/13/1

www.securityfocus.com/bid/40842

exchange.xforce.ibmcloud.com/vulnerabilities/59429

6.3 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2010-2072

prion1 cvelist1 veracode1 debiancve1 ubuntucve1 openvas2