7.5

CVE-2010-0015

EPSS 1.54%
Veröffentlicht 14.01.2010 18:30:00
Zuletzt bearbeitet 23.04.2026 00:35:47
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnu ≫ Glibc Version2.7

Gnu ≫ Glibc Version2.10.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.54%	0.814

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333

http://marc.info/?l=oss-security&m=126320356003425&w=2

http://marc.info/?l=oss-security&m=126320570505651&w=2

http://sourceware.org/bugzilla/show_bug.cgi?id=11134

http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062&view=markup

http://www.mandriva.com/security/advisories?name=MDVSA-2010:111

http://www.mandriva.com/security/advisories?name=MDVSA-2010:112

http://www.openwall.com/lists/oss-security/2010/01/07/3

http://www.openwall.com/lists/oss-security/2010/01/08/1

http://www.openwall.com/lists/oss-security/2010/01/08/2

http://www.openwall.com/lists/oss-security/2010/01/11/6

https://nvd.nist.gov/vuln/detail/CVE-2010-0015

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0015

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0015

EUVD