Lucene search

[email protected]CVE-2010-0412

HistoryFeb 25, 2010 - 12:30 a.m.

CVE-2010-0412

2010-02-2500:30:00

[email protected]

web.nvd.nist.gov

cve-2010-0412

stap-server

systemtap 1.1

make program

security vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.099

Percentile

94.9%

JSON

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.

Affected configurations

NVD

Node

systemtapsystemtapMatch1.1

VendorProductVersionCPE
systemtapsystemtap1.1cpe:/a:systemtap:systemtap:1.1:::

Vendor	Product	Version	CPE
systemtap	systemtap	1.1	cpe:/a:systemtap:systemtap:1.1:::

References

lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html

lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html

lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html

www.securityfocus.com/bid/38316

exchange.xforce.ibmcloud.com/vulnerabilities/56611

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.099

Percentile

94.9%

JSON

Related for CVE-2010-0412

prion2 nvd2 debiancve2 cvelist2 ubuntucve2 fedora4 openvas15 oraclelinux1 nessus10 cve1 veracode1 centos1 redhat1