Lucene search
HistoryAug 02, 2010 - 10:00 p.m.
CVE-2010-2540
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.4%
mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.
Affected configurations
Node
osgeomapserverRange≤4.10.5
ORosgeomapserverMatch4.2.0beta1
ORosgeomapserverMatch4.4.0
ORosgeomapserverMatch4.4.0beta1
ORosgeomapserverMatch4.4.0beta2
ORosgeomapserverMatch4.4.0beta3
ORosgeomapserverMatch4.6.0
ORosgeomapserverMatch4.6.0beta1
ORosgeomapserverMatch4.6.0beta2
ORosgeomapserverMatch4.6.0beta3
ORosgeomapserverMatch4.6.0rc1
ORosgeomapserverMatch4.8.0beta1
ORosgeomapserverMatch4.8.0beta2
ORosgeomapserverMatch4.8.0beta3
ORosgeomapserverMatch4.8.0rc1
ORosgeomapserverMatch4.8.0rc2
ORosgeomapserverMatch4.10.0
ORosgeomapserverMatch4.10.0beta1
ORosgeomapserverMatch4.10.0beta2
ORosgeomapserverMatch4.10.0beta3
ORosgeomapserverMatch4.10.0rc1
ORosgeomapserverMatch4.10.1
ORosgeomapserverMatch4.10.2
ORosgeomapserverMatch4.10.3
ORosgeomapserverMatch4.10.4
ORumnmapserverMatch4.0
Node
osgeomapserverRange≤5.6.3
ORosgeomapserverMatch5.0.0
ORosgeomapserverMatch5.0.0beta1
ORosgeomapserverMatch5.0.0beta2
ORosgeomapserverMatch5.0.0beta3
ORosgeomapserverMatch5.0.0beta4
ORosgeomapserverMatch5.0.0beta5
ORosgeomapserverMatch5.0.0beta6
ORosgeomapserverMatch5.0.0rc1
ORosgeomapserverMatch5.0.0rc2
ORosgeomapserverMatch5.2.0
ORosgeomapserverMatch5.2.0beta1
ORosgeomapserverMatch5.2.0beta2
ORosgeomapserverMatch5.2.0beta3
ORosgeomapserverMatch5.2.0beta4
ORosgeomapserverMatch5.2.0rc1
ORosgeomapserverMatch5.2.1
ORosgeomapserverMatch5.4.0
ORosgeomapserverMatch5.4.0beta1
ORosgeomapserverMatch5.4.0beta2
ORosgeomapserverMatch5.4.0beta3
ORosgeomapserverMatch5.4.0beta4
ORosgeomapserverMatch5.4.0rc1
ORosgeomapserverMatch5.4.0rc2
ORosgeomapserverMatch5.4.1
ORosgeomapserverMatch5.4.2
ORosgeomapserverMatch5.6.0
ORosgeomapserverMatch5.6.1
Related
nessus
nessus
MapServer Insecure MapServ CGI Command-line Debug Args
2010-07-27 00:00:00
Debian DSA-2079-1 : mapserver - several vulnerabilities
2010-08-03 00:00:00
Fedora 13 : mapserver-5.6.5-1.fc13 (2010-12266)
2010-08-26 00:00:00
cve
cve
CVE-2010-2540
2010-08-02 22:00:01
prion
prion
Command injection
2010-08-02 22:00:00
ubuntucve
ubuntucve
CVE-2010-2540
2010-08-02 00:00:00
cvelist
cvelist
CVE-2010-2540
2010-08-02 21:00:00
debiancve
debiancve
CVE-2010-2540
2010-08-02 22:00:01
openvas
openvas
MapServer < 4.10.6, 5.x < 5.6.4 Multiple Vulnerabilities
2010-08-02 00:00:00
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
2010-07-31 16:43:20
fedora
fedora
[SECURITY] Fedora 14 Update: mapserver-5.6.7-1.fc14
2011-08-02 02:00:49
[SECURITY] Fedora 13 Update: mapserver-5.6.5-1.fc13
2010-08-26 01:00:42
osv
osv
mapserver - arbitrary code execution
2010-07-31 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.4%
Related for NVD:CVE-2010-2540