Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2010-2064

HistoryOct 29, 2019 - 10:15 p.m.

CVE-2010-2064

2019-10-2922:15:10

Debian Security Bug Tracker

security-tracker.debian.org

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr.

OSVersionArchitecturePackageVersionFilename
Debian12allrpcbind< 0.2.0-4.1rpcbind_0.2.0-4.1_all.deb
Debian11allrpcbind< 0.2.0-4.1rpcbind_0.2.0-4.1_all.deb
Debian999allrpcbind< 0.2.0-4.1rpcbind_0.2.0-4.1_all.deb
Debian13allrpcbind< 0.2.0-4.1rpcbind_0.2.0-4.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	rpcbind	< 0.2.0-4.1	rpcbind_0.2.0-4.1_all.deb
Debian	11	all	rpcbind	< 0.2.0-4.1	rpcbind_0.2.0-4.1_all.deb
Debian	999	all	rpcbind	< 0.2.0-4.1	rpcbind_0.2.0-4.1_all.deb
Debian	13	all	rpcbind	< 0.2.0-4.1	rpcbind_0.2.0-4.1_all.deb

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for DEBIANCVE:CVE-2010-2064