Lucene search
HistoryAug 02, 2010 - 10:00 p.m.
CVE-2010-2540
cve-2010-2540
mapserver
mapserv.c
remote attackers
debugging
cgi
command-line
vulnerability
6.6 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
83.2%
mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.
References
Social References
More
Related
prion
prion
Command injection
2010-08-02 22:00:00
nessus
nessus
MapServer Insecure MapServ CGI Command-line Debug Args
2010-07-27 00:00:00
Debian DSA-2079-1 : mapserver - several vulnerabilities
2010-08-03 00:00:00
Fedora 13 : mapserver-5.6.5-1.fc13 (2010-12266)
2010-08-26 00:00:00
ubuntucve
ubuntucve
CVE-2010-2540
2010-08-02 00:00:00
debiancve
debiancve
CVE-2010-2540
2010-08-02 22:00:00
osv
osv
mapserver - arbitrary code execution
2010-07-31 00:00:00
openvas
openvas
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
MapServer < 4.10.6, 5.x < 5.6.4 Multiple Vulnerabilities
2010-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: mapserver-5.6.7-1.fc14
2011-08-02 02:00:49
[SECURITY] Fedora 13 Update: mapserver-5.6.5-1.fc13
2010-08-26 01:00:42
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
2010-07-31 16:43:20
6.6 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
83.2%
Related for CVE-2010-2540