Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-4512 | First vendor Publication | 2010-12-09 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4512 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 69750 | Cobbler umask Value Weakness Unspecified Local Issue Cobbler contains a flaw related to an incorrect umask value, that may allow a local attacker to cause cobblerd to create world writable files when running the sync command, and leverage their permissions for files and directories with an unspecified impact. No further details have been provided. |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:06:44 |
|
| 2024-11-28 12:23:48 |
|
| 2021-05-04 12:13:13 |
|
| 2021-04-22 01:13:37 |
|
| 2020-05-23 01:43:10 |
|
| 2020-05-23 00:27:03 |
|
| 2016-04-26 20:17:18 |
|
| 2013-05-10 23:38:31 |
|
