VAR-201103-0141
Vulnerability from variot - Updated: 2023-12-18 10:56The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. FreeBSD , NetBSD , OpenBSD Used in etc. libc and Apple Mac OS X of Libsystem There is a service disruption (CPU And memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2632 Is a different vulnerability.Crafted by a remotely authenticated user that does not match any pathname glob Service disruption through format (CPU And memory corruption ) There is a possibility of being put into a state. OpenBSD, NetBSD, and FreeBSD are all popular BSD operating systems, which are derivative systems of Unix. Vulnerabilities exist in the glob implementation in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 1.6,
"vendor": "netbsd",
"version": "5.0.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "8.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "4.7"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.8,
"vendor": "freebsd",
"version": "5.3 7.3 to 8.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "netbsd",
"version": "1.5 5.0.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.4 4.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.6.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4754"
}
]
},
"cve": "CVE-2010-4754",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-4754",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-47359",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4754",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-035",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-47359",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. FreeBSD , NetBSD , OpenBSD Used in etc. libc and Apple Mac OS X of Libsystem There is a service disruption (CPU And memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2632 Is a different vulnerability.Crafted by a remotely authenticated user that does not match any pathname glob Service disruption through format (CPU And memory corruption ) There is a possibility of being put into a state. OpenBSD, NetBSD, and FreeBSD are all popular BSD operating systems, which are derivative systems of Unix. Vulnerabilities exist in the glob implementation in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "VULHUB",
"id": "VHN-47359"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4754",
"trust": 2.5
},
{
"db": "SREASON",
"id": "8116",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035",
"trust": 0.7
},
{
"db": "SREASONRES",
"id": "20101007 MULTIPLE VENDORS LIBC/GLOB(3) RESOURCE EXHAUSTION (+0DAY REMOTE FTPD-ANON)",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2010-008",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-47359",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"id": "VAR-201103-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:56:27.916000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4723"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.freebsd.org/"
},
{
"title": "NetBSD-SA2010-008",
"trust": 0.8,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-008.txt.asc"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.openbsd.org/"
},
{
"title": "9223.0",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39531"
},
{
"title": "plain",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39533"
},
{
"title": "plain",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39532"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
},
{
"trust": 1.7,
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"trust": 1.7,
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"trust": 1.7,
"url": "http://securityreason.com/exploitalert/9223"
},
{
"trust": 1.7,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-008.txt.asc"
},
{
"trust": 1.7,
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8116"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4754"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4754"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-47359"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"date": "2011-03-02T20:00:00.927000",
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"date": "2011-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-47359"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"date": "2011-09-21T04:00:00",
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"date": "2011-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FreeBSD Used in etc. libc of glob Service disruption in implementation (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…