[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-2632Date: (C)2011-01-19   (M)2024-03-26


Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1024975
http://securityreason.com/achievement_securityalert/89
http://securityreason.com/achievement_securityalert/97
SECUNIA-42984
SECUNIA-43433
SECUNIA-55212
ADV-2011-0151
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
https://support.avaya.com/css/P8/documents/100127892
solaris-ftp-dos(64798)

CPE    4
cpe:/o:sun:sunos:5.10
cpe:/o:sun:sunos:5.8
cpe:/o:sun:sunos:5.11::express
cpe:/o:sun:sunos:5.9
...
OVAL    2
oval:org.secpod.oval:def:2879
oval:org.secpod.oval:def:2880

© SecPod Technologies