[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-2632

Date: (C)2011-01-19   (M)2017-08-18
 
CVSS Score: 7.8Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.

Reference:
SECTRACK-1024975
http://securityreason.com/achievement_securityalert/89
http://securityreason.com/achievement_securityalert/97
SECUNIA-42984
SECUNIA-43433
SECUNIA-55212
ADV-2011-0151
IAVM:2013-A-0194
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
https://support.avaya.com/css/P8/documents/100127892
solaris-ftp-dos(64798)

CPE    4
cpe:/o:sun:sunos:5.11::express
cpe:/o:sun:sunos:5.10
cpe:/o:sun:sunos:5.8
cpe:/o:sun:sunos:5.9
...
OVAL    2
oval:org.secpod.oval:def:2879
oval:org.secpod.oval:def:2880

© 2013 SecPod Technologies