Lucene search

K

PRIOn knowledge basePRION:CVE-2010-2761

HistoryDec 06, 2010 - 8:12 p.m.

Hardcoded credentials

2010-12-0620:12:00

PRIOn knowledge base

www.prio-n.com

3

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.

CPENameOperatorVersion
cgi-simplele1.112
cgi-simpleeq0.078
cgi-simpleeq0.079
cgi-simpleeq0.080
cgi-simpleeq0.081
cgi-simpleeq0.082
cgi-simpleeq0.83
cgi-simpleeq1.0
cgi-simpleeq1.1
cgi-simpleeq1.1.1

Rows per page:

1-10 of 1741

References

cpansearch.perl.org/src/LDS/CGI.pm-3.50/Changes

kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

openwall.com/lists/oss-security/2010/12/01/1

openwall.com/lists/oss-security/2010/12/01/2

openwall.com/lists/oss-security/2010/12/01/3

osvdb.org/69588

osvdb.org/69589

perl5.git.perl.org/perl.git/blobdiff/a0b94c2432b1d8c20653453a0f6970cb10f59aec..84601d63a7e34958da47dad1e61e27cb3bd467d1:/cpan/CGI/lib/CGI.pm

perl5.git.perl.org/perl.git/commit/84601d63a7e34958da47dad1e61e27cb3bd467d1

secunia.com/advisories/42877

secunia.com/advisories/43033

secunia.com/advisories/43068

secunia.com/advisories/43147

secunia.com/advisories/43165

www.bugzilla.org/security/3.2.9/

www.mandriva.com/security/advisories?name=MDVSA-2010:237

www.mandriva.com/security/advisories?name=MDVSA-2010:250

www.nntp.perl.org/group/perl.perl5.changes/2010/11/msg28043.html

www.redhat.com/support/errata/RHSA-2011-1797.html

www.vupen.com/english/advisories/2011/0076

www.vupen.com/english/advisories/2011/0207

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0249

www.vupen.com/english/advisories/2011/0271

bugzilla.mozilla.org/show_bug.cgi?id=591165

bugzilla.mozilla.org/show_bug.cgi?id=600464

github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380

lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html

lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html

lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

Related for PRION:CVE-2010-2761

cvelist5 debiancve3 openvas50 ubuntucve5 cve5 nessus33 nvd5 securityvulns5 prion4 f51 veracode1 fedora7 oraclelinux2 redhat2 centos1 ubuntu1 freebsd1 gentoo1 vmware2