var-201103-0141
Vulnerability from variot
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. FreeBSD , NetBSD , OpenBSD Used in etc. libc and Apple Mac OS X of Libsystem There is a service disruption (CPU And memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2632 Is a different vulnerability.Crafted by a remotely authenticated user that does not match any pathname glob Service disruption through format (CPU And memory corruption ) There is a possibility of being put into a state. OpenBSD, NetBSD, and FreeBSD are all popular BSD operating systems, which are derivative systems of Unix. Vulnerabilities exist in the glob implementation in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 1.6,
"vendor": "netbsd",
"version": "5.0.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "8.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "openbsd",
"version": "4.7"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.8,
"vendor": "freebsd",
"version": "5.3 7.3 to 8.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "netbsd",
"version": "1.5 5.0.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.4 4.7"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.6.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4754"
}
]
},
"cve": "CVE-2010-4754",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-4754",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-47359",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4754",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-035",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-47359",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. FreeBSD , NetBSD , OpenBSD Used in etc. libc and Apple Mac OS X of Libsystem There is a service disruption (CPU And memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2632 Is a different vulnerability.Crafted by a remotely authenticated user that does not match any pathname glob Service disruption through format (CPU And memory corruption ) There is a possibility of being put into a state. OpenBSD, NetBSD, and FreeBSD are all popular BSD operating systems, which are derivative systems of Unix. Vulnerabilities exist in the glob implementation in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "VULHUB",
"id": "VHN-47359"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4754",
"trust": 2.5
},
{
"db": "SREASON",
"id": "8116",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035",
"trust": 0.7
},
{
"db": "SREASONRES",
"id": "20101007 MULTIPLE VENDORS LIBC/GLOB(3) RESOURCE EXHAUSTION (+0DAY REMOTE FTPD-ANON)",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2010-008",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-47359",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"id": "VAR-201103-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:56:27.916000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4723"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.freebsd.org/"
},
{
"title": "NetBSD-SA2010-008",
"trust": 0.8,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-008.txt.asc"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.openbsd.org/"
},
{
"title": "9223.0",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39531"
},
{
"title": "plain",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39533"
},
{
"title": "plain",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39532"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
},
{
"trust": 1.7,
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"trust": 1.7,
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"trust": 1.7,
"url": "http://securityreason.com/exploitalert/9223"
},
{
"trust": 1.7,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-008.txt.asc"
},
{
"trust": 1.7,
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8116"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4754"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4754"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-47359"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-47359"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"date": "2011-03-02T20:00:00.927000",
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"date": "2011-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-47359"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003973"
},
{
"date": "2011-09-21T04:00:00",
"db": "NVD",
"id": "CVE-2010-4754"
},
{
"date": "2011-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FreeBSD Used in etc. libc of glob Service disruption in implementation (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003973"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-035"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.