Lucene search

[email protected]CVE-2010-1151

HistoryApr 20, 2010 - 4:30 p.m.

CVE-2010-1151

2010-04-2016:30:00

CWE-362

[email protected]

web.nvd.nist.gov

cve-2010-1151

apache http server

mod_auth_shadow

authentication bypass

remote attack

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validation of credentials.

Affected configurations

NVD

Node

apacheapache_http_server

CPENameOperatorVersion
apache:apache_http_serverapache apache http servereq*

CPE	Name	Operator	Version
apache:apache_http_server	apache apache http server	eq	*

References

lists.fedoraproject.org/pipermail/package-announce/2010-May/041326.html

lists.fedoraproject.org/pipermail/package-announce/2010-May/041340.html

secunia.com/advisories/39823

www.mandriva.com/security/advisories?name=MDVSA-2010:081

www.securityfocus.com/bid/39538

www.vupen.com/english/advisories/2010/0908

www.vupen.com/english/advisories/2010/1148

bugzilla.redhat.com/show_bug.cgi?id=578168

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Related for CVE-2010-1151

nessus4 openvas8 nvd1 securityvulns2 fedora3 ubuntucve1 cvelist1 prion1