Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-2540HistoryAug 02, 2010 - 10:00 p.m.
CVE-2010-2540
2010-08-0222:00:01
Debian Security Bug Tracker
security-tracker.debian.org
17
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.01
Percentile
83.4%
mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mapserver | < 5.6.4-1 | mapserver_5.6.4-1_all.deb |
| Debian | 11 | all | mapserver | < 5.6.4-1 | mapserver_5.6.4-1_all.deb |
| Debian | 999 | all | mapserver | < 5.6.4-1 | mapserver_5.6.4-1_all.deb |
| Debian | 13 | all | mapserver | < 5.6.4-1 | mapserver_5.6.4-1_all.deb |
Related
nessus
nessus
MapServer Insecure MapServ CGI Command-line Debug Args
2010-07-27 00:00:00
Debian DSA-2079-1 : mapserver - several vulnerabilities
2010-08-03 00:00:00
Fedora 13 : mapserver-5.6.5-1.fc13 (2010-12266)
2010-08-26 00:00:00
prion
prion
Command injection
2010-08-02 22:00:00
cve
cve
CVE-2010-2540
2010-08-02 22:00:01
ubuntucve
ubuntucve
CVE-2010-2540
2010-08-02 00:00:00
nvd
nvd
CVE-2010-2540
2010-08-02 22:00:01
cvelist
cvelist
CVE-2010-2540
2010-08-02 21:00:00
openvas
openvas
MapServer < 4.10.6, 5.x < 5.6.4 Multiple Vulnerabilities
2010-08-02 00:00:00
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
Fedora Update for mapserver FEDORA-2011-9555
2011-08-12 00:00:00
debian
debian
[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution
2010-07-31 16:43:20
securityvulns
securityvulns
fedora
fedora
[SECURITY] Fedora 14 Update: mapserver-5.6.7-1.fc14
2011-08-02 02:00:49
[SECURITY] Fedora 13 Update: mapserver-5.6.5-1.fc13
2010-08-26 01:00:42
osv
osv
mapserver - arbitrary code execution
2010-07-31 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.01
Percentile
83.4%
Related for DEBIANCVE:CVE-2010-2540