Lucene search

PRIOn knowledge basePRION:CVE-2010-0962

HistoryMar 10, 2010 - 10:30 p.m.

Command injection

2010-03-1022:30:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

84.1%

JSON

The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT command.

CPENameOperatorVersion
airport_expresseq7.5
airport_extremeeq7.5
time_capsuleeq7.5

Name	Operator	Version
airport_express	eq	7.5
airport_extreme	eq	7.5
time_capsule	eq	7.5

References

seclists.org/fulldisclosure/2010/Mar/106

www.securityfocus.com/archive/1/509867/100/0/threaded

www.securityfocus.com/archive/1/509974/100/0/threaded

www.securityfocus.com/bid/38543

exchange.xforce.ibmcloud.com/vulnerabilities/56701

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

84.1%

JSON

Related for PRION:CVE-2010-0962