Lucene search

[email protected]CVE-2010-2075

HistoryJun 15, 2010 - 2:04 p.m.

CVE-2010-2075

2010-06-1514:04:00

CWE-20

[email protected]

web.nvd.nist.gov

106

cve-2010-2075

unrealircd

remote code execution

security vulnerability

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.65 Medium

EPSS

Percentile

97.9%

JSON

UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.

CPENameOperatorVersion
unrealircd:unrealircdunrealircdeq3.2.8.1

CPE	Name	Operator	Version
unrealircd:unrealircd	unrealircd	eq	3.2.8.1

References

osvdb.org/65445

seclists.org/fulldisclosure/2010/Jun/277

seclists.org/fulldisclosure/2010/Jun/284

secunia.com/advisories/40169

security.gentoo.org/glsa/glsa-201006-21.xml

www.exploit-db.com/exploits/13853

www.openwall.com/lists/oss-security/2010/06/14/11

www.securityfocus.com/bid/40820

www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

www.vupen.com/english/advisories/2010/1437

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.65 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2010-2075

openvas3 prion1 nessus2 gentoo1 avleonov1