Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-1326
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-1326

2022-10-0316:21:01
CWE-264
[email protected]
web.nvd.nist.gov
27
cve-2010-1326
perms.cpp
march hare software
cvsnt
permissions bypass
arbitrary code execution
security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.063 Low

EPSS

Percentile

93.6%

JSON

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and execute arbitrary code via a crafted branch name ACL, possibly related to incorrect inheritance.

Affected configurations

NVD
Node
march-harecvs_suiteMatch2.5.03
OR
march-harecvs_suiteMatch2008
OR
march-harecvs_suiteMatch2009pre-release
OR
march-harecvsntMatch2.0.58
OR
march-harecvsntMatch2.5.01
OR
march-harecvsntMatch2.5.02
OR
march-harecvsntMatch2.5.03
OR
march-harecvsntMatch2.5.04

Related

nessus 1
securityvulns 2
openvas 2
osv 1
prion 1
kaspersky 1
cvelist 1
ubuntucve 1
nvd 1
debian 1
nessus
nessus
Debian DSA-2108-1 : cvsnt - programming error
2010-09-15 00:00:00
securityvulns
securityvulns
cvsnt unauthorized access
2010-09-17 00:00:00
[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution
2010-09-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 2108-1 (cvsnt)
2010-10-10 00:00:00
Debian: Security Advisory (DSA-2108-1)
2010-10-10 00:00:00
osv
osv
cvsnt - arbitrary code execution
2010-09-14 00:00:00
prion
prion
Design/Logic Flaw
2010-09-15 18:00:00
kaspersky
kaspersky
KLA10098 Vulnerability in CVSNT
2014-08-08 00:00:00
cvelist
cvelist
CVE-2010-1326
2022-10-03 16:21:01
ubuntucve
ubuntucve
CVE-2010-1326
2010-09-15 00:00:00
nvd
nvd
CVE-2010-1326
2010-09-15 18:00:03
debian
debian
[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution
2010-09-14 06:47:05

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.063 Low

EPSS

Percentile

93.6%

JSON
Related for CVE-2010-1326
nessus1securityvulns2openvas2osv1prion1kaspersky1cvelist1ubuntucve1nvd1debian1