Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-2757 | First vendor Publication | 2010-08-16 |
Vendor | Cve | Last vendor Modification | 2010-09-08 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-310 | Cryptographic Issues |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-12-02 | Name : Fedora Update for bugzilla FEDORA-2010-13171 File : nvt/gb_fedora_2010_13171_bugzilla_fc14.nasl |
2010-10-10 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla11.nasl |
2010-08-30 | Name : Fedora Update for bugzilla FEDORA-2010-13072 File : nvt/gb_fedora_2010_13072_bugzilla_fc12.nasl |
2010-08-30 | Name : Fedora Update for bugzilla FEDORA-2010-13086 File : nvt/gb_fedora_2010_13086_bugzilla_fc13.nasl |
2010-08-09 | Name : Bugzilla Multiple Vulnerabilities File : nvt/gb_bugzilla_42275.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
67197 | Bugzilla sudo Feature Impersonation Notification Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13072.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13086.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13171.nasl - Type : ACT_GATHER_INFO |
2010-08-25 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8cbf4d65af9a11df89b800151735203a.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:11:49 |
|
2021-04-22 01:12:24 |
|
2020-05-23 00:26:08 |
|
2016-04-26 19:58:21 |
|
2014-02-17 10:56:31 |
|
2013-05-10 23:29:08 |
|