CVE-2010-1039 : Détail

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Faiblesses connexes

Métriques

EPSS

Score EPSS

Percentile EPSS

Informations sur l'Exploit

Exploit Database EDB-ID : 14407

Date de publication : 2010-07-17 22h00 +00:00
Auteur : Rodrigo Rubira Branco
EDB Vérifié : Yes

Products Mentioned

Configuraton 0

Hp>>Nfs\/oncplus >> Version To (including) b.11.31_09

Hp>>Hp-ux >> Version b.11.11

Hp>>Hp-ux >> Version b.11.23

Hp>>Hp-ux >> Version b.11.31

Configuraton 0

Ibm>>Aix >> Version To (including) 5.3

Ibm>>Aix >> Version 1.2.1

Ibm>>Aix >> Version 1.3

Ibm>>Aix >> Version 2.2.1

Ibm>>Aix >> Version 3.1

Ibm>>Aix >> Version 3.2

Ibm>>Aix >> Version 3.2.0

Ibm>>Aix >> Version 3.2.4

Ibm>>Aix >> Version 3.2.5

Ibm>>Aix >> Version 4

Ibm>>Aix >> Version 4.0

Ibm>>Aix >> Version 4.1

Ibm>>Aix >> Version 4.1.1

Ibm>>Aix >> Version 4.1.2

Ibm>>Aix >> Version 4.1.3

Ibm>>Aix >> Version 4.1.4

Ibm>>Aix >> Version 4.1.5

Ibm>>Aix >> Version 4.2

Ibm>>Aix >> Version 4.2.0

Ibm>>Aix >> Version 4.2.1

Ibm>>Aix >> Version 4.2.1.12

Ibm>>Aix >> Version 4.3

Ibm>>Aix >> Version 4.3.0

Ibm>>Aix >> Version 4.3.1

Ibm>>Aix >> Version 4.3.2

Ibm>>Aix >> Version 4.3.3

Ibm>>Aix >> Version 5.1

Ibm>>Aix >> Version 5.1.0.10

Ibm>>Aix >> Version 5.1l

Ibm>>Aix >> Version 5.2

Ibm>>Aix >> Version 5.2.0

Ibm>>Aix >> Version 5.2.0.50

Ibm>>Aix >> Version 5.2.0.54

Ibm>>Aix >> Version 5.2.2

Ibm>>Aix >> Version 5.2_l

Ibm>>Aix >> Version 6.1

Ibm>>Aix >> Version 430

Configuraton 0

Ibm>>Vios >> Version To (including) 1.5

Ibm>>Vios >> Version 1.4

Ibm>>Vios >> Version 2.1

Configuraton 0

Sgi>>Irix >> Version 6.5

Références