Executive Summary

Informations
Name CVE-2010-2632 First vendor Publication 2011-01-19
Vendor Cve Last vendor Modification 2017-08-17

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2632

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:19586
 
Oval ID: oval:org.mitre.oval:def:19586
Title: CRITICAL PATCH UPDATE JANUARY 2011
Description: Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2632
 Version: 3
Platform(s): Sun Solaris 10
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 4

ExploitDB Exploits

id Description
2013-02-05 FreeBSD 9.1 ftpd Remote Denial of Service
2010-10-07 Multiple Vendors libc/glob(3) Resource Exhaustion (+0day remote ftpd-anon)

OpenVAS Exploits

Date Description
2011-08-19 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
File : nvt/secpod_macosx_su11-004.nasl
2011-03-24 Name : Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd)
File : nvt/gb_mandriva_MDVSA_2011_049.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68527 NetBSD ftpd / sftpd Server Process GLOB_LIMIT Crafted Command Pattern Remote DoS

NetBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs in the 'GLOB_LIMIT' implementation, which may be exploited via crafted command patterns passed to the sftp or ftpd server processes to exhaust system resources cause a denial of service.

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-10-17 IAVM : 2013-A-0194 - Multiple Vulnerabilities in Juniper Networks JUNOS
Severity : Category I - VMSKEY : V0040788

Nessus® Vulnerability Scanner

Date Description
2013-10-17 Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10598.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3c90e0937c6e11e2809b6c626d99876c.nasl - Type : ACT_GATHER_INFO
2011-06-24 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_8.nasl - Type : ACT_GATHER_INFO
2011-06-24 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-004.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2011-049.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 114564-16
File : solaris9_114564.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 114565-16
File : solaris9_x86_114565.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
https://support.avaya.com/css/P8/documents/100127892
SECTRACK http://www.securitytracker.com/id?1024975
SECUNIA http://secunia.com/advisories/42984
http://secunia.com/advisories/43433
http://secunia.com/advisories/55212
SREASONRES http://securityreason.com/achievement_securityalert/89
http://securityreason.com/achievement_securityalert/97
VUPEN http://www.vupen.com/english/advisories/2011/0151
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/64798

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2021-05-04 12:11:47
  • Multiple Updates
2021-04-22 01:12:23
  • Multiple Updates
2020-05-23 00:26:05
  • Multiple Updates
2017-08-17 09:23:04
  • Multiple Updates
2016-04-26 19:57:03
  • Multiple Updates
2014-10-10 09:23:15
  • Multiple Updates
2014-02-17 10:56:23
  • Multiple Updates
2013-11-11 12:38:50
  • Multiple Updates
2013-05-10 23:28:43
  • Multiple Updates