CVE-2010-1039

CVSS V2 High 10 CVSS V3 None

Description

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Overview

CVE ID
CVE-2010-1039

Assigner
hp-security-alert@hp.com

Vulnerability Status
Modified

Published Version
2010-05-20T17:30:01

Last Modified Date
2018-10-10T19:55:22

Weakness Enumerations

CWE	URL
CWE-134	http://cwe.mitre.org/data/definitions/134.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version End
		AND
cpe:2.3:a:hp:nfs\/oncplus::::::::	1	OR	b.11.31_09
cpe:2.3:o:hp:hp-ux:b.11.11:::::::*	0	OR
cpe:2.3:o:hp:hp-ux:b.11.23:::::::*	0	OR
cpe:2.3:o:hp:hp-ux:b.11.31:::::::*	0	OR
		AND
cpe:2.3:o:ibm:aix::::::::	1	OR	5.3
cpe:2.3:o:ibm:aix:1.2.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:1.3:::::::*	1	OR
cpe:2.3:o:ibm:aix:2.2.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:3.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:3.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:3.2.0:::::::*	1	OR
cpe:2.3:o:ibm:aix:3.2.4:::::::*	1	OR
cpe:2.3:o:ibm:aix:3.2.5:::::::*	1	OR
cpe:2.3:o:ibm:aix:4:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.0:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1.3:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1.4:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.1.5:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.2.0:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.2.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.2.1.12:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.3:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.3.0:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.3.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.3.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:4.3.3:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.1.0.10:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.1l:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2.0:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2.0.50:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2.0.54:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2.2:::::::*	1	OR
cpe:2.3:o:ibm:aix:5.2_l:::::::*	1	OR
cpe:2.3:o:ibm:aix:6.1:::::::*	1	OR
cpe:2.3:o:ibm:aix:430:::::::*	1	OR
		AND
cpe:2.3:a:ibm:vios::::::::	1	OR	1.5
cpe:2.3:a:ibm:vios:1.4:::::::*	1	OR
cpe:2.3:a:ibm:vios:2.1:::::::*	1	OR
		AND
cpe:2.3:o:sgi:irix:6.5:::::::*	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector
NETWORK

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
COMPLETE

Integrity Impact
COMPLETE

Availability Impact
COMPLETE

Base Score
10

Severity
HIGH

Exploitability Score
10

Impact Score
10

References

Reference URL	Reference Tags
http://www.securityfocus.com/bid/40248	Patch
http://secunia.com/advisories/39835	Vendor Advisory
http://marc.info/?l=bugtraq&m=127428077629933&w=2	Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
http://secunia.com/advisories/39911
http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
http://securitytracker.com/id?1024016
http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
http://www.vupen.com/english/advisories/2010/1213	Vendor Advisory
http://www.vupen.com/english/advisories/2010/1199	Vendor Advisory
http://osvdb.org/64729
http://www.securitytracker.com/id?1023994
http://www.vupen.com/english/advisories/2010/1212	Vendor Advisory
http://www.vupen.com/english/advisories/2010/1211	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
http://www.securityfocus.com/archive/1/511405/100/0/threaded

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2010-1039
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1039

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 18:31:02				Added to TrackCVE