Lucene search

PRIOn knowledge basePRION:CVE-2010-0624

HistoryMar 15, 2010 - 1:28 p.m.

Heap overflow

2010-03-1513:28:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.8%

JSON

Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.

CPENameOperatorVersion
cpioeq2.9
cpioeq2.5.90
cpioeq1.1
cpioeq1.3
cpioeq2.7
cpioeq1.2
cpioeq2.6
cpiole2.10
cpioeq2.5
cpioeq1.0

Name	Operator	Version
cpio	eq	2.9
cpio	eq	2.5.90
cpio	eq	1.1
cpio	eq	1.3
cpio	eq	2.7
cpio	eq	1.2
cpio	eq	2.6
cpio	le	2.10
cpio	eq	2.5
cpio	eq	1.0

Rows per page:

1-10 of 361

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

osvdb.org/62950

secunia.com/advisories/38869

secunia.com/advisories/38988

secunia.com/advisories/39008

security.gentoo.org/glsa/glsa-201111-11.xml

www.agrs.tu-berlin.de/index.php?id=78327

www.mandriva.com/security/advisories?name=MDVSA-2010:065

www.redhat.com/support/errata/RHSA-2010-0141.html

www.redhat.com/support/errata/RHSA-2010-0142.html

www.redhat.com/support/errata/RHSA-2010-0144.html

www.redhat.com/support/errata/RHSA-2010-0145.html

www.securityfocus.com/archive/1/514503/100/0/threaded

www.ubuntu.com/usn/USN-2456-1

www.vupen.com/english/advisories/2010/0628

www.vupen.com/english/advisories/2010/0629

www.vupen.com/english/advisories/2010/0639

www.vupen.com/english/advisories/2010/0687

www.vupen.com/english/advisories/2010/0728

www.vupen.com/english/advisories/2010/0729

www.vupen.com/english/advisories/2010/1107

bugzilla.redhat.com/show_bug.cgi?id=564368

issues.rpath.com/browse/RPL-3219

lists.fedoraproject.org/pipermail/package-announce/2010-March/036668.html

lists.fedoraproject.org/pipermail/package-announce/2010-March/037395.html

lists.fedoraproject.org/pipermail/package-announce/2010-March/037401.html

lists.fedoraproject.org/pipermail/package-announce/2010-March/038134.html

lists.fedoraproject.org/pipermail/package-announce/2010-March/038149.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10277

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6907

8.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

87.8%

JSON

Related for PRION:CVE-2010-0624