6 - CVE-2010-1147

Executive Summary

Informations
Name	CVE-2010-1147	First vendor Publication	2010-04-06
Vendor	Cve	Last vendor Modification	2010-05-08

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Cvss Base Score	6	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	6.8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1147

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Roshan Singh Open Direct Connect Hub cpe:2.3:a:roshan_singh:open_direct_connect_hub:0.8.1:::::::*	1

OpenVAS Exploits

Date	Description
2010-05-04	Name : Fedora Update for opendchub FEDORA-2010-6415 File : nvt/gb_fedora_2010_6415_opendchub_fc12.nasl
2010-05-04	Name : Fedora Update for opendchub FEDORA-2010-6426 File : nvt/gb_fedora_2010_6426_opendchub_fc11.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
63353	Open DC Hub commands.c myinfo() Function Overflow

Nessus® Vulnerability Scanner

Date	Description
2013-11-21	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201311-12.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-6415.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-6426.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-6478.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/39129
BUGTRAQ	http://www.securityfocus.com/archive/1/510428
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=579206
FEDORA	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040360.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040380.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/040421.html
MISC	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308 http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit...
MLIST	http://marc.info/?l=oss-security&m=127051570728944&w=2 http://openwall.com/lists/oss-security/2010/04/03/1
SECUNIA	http://secunia.com/advisories/39664
VUPEN	http://www.vupen.com/english/advisories/2010/1023 http://www.vupen.com/english/advisories/2010/1044

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:11:16	Multiple Updates
2021-04-22 01:11:54	Multiple Updates
2020-05-23 00:25:30	Multiple Updates
2016-04-26 19:41:40	Multiple Updates
2014-02-17 10:54:26	Multiple Updates
2013-05-10 23:21:22	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	1
Sources(s)	13
osvdb(s)	1
Openvas Exploit(s)	2
Nessus® Exploit(s)	4

	Related
6	GLSA-201311-12
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0210s

Facebook rss twitter linkedin mail