7.5

CVE-2010-0015

EPSS 1.82%
Published 14.01.2010 18:30:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Gnu ≫ Glibc Version2.7

Gnu ≫ Glibc Version2.10.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.82%	0.812

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333

http://marc.info/?l=oss-security&m=126320356003425&w=2

http://marc.info/?l=oss-security&m=126320570505651&w=2

http://sourceware.org/bugzilla/show_bug.cgi?id=11134

http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062&view=markup

http://www.mandriva.com/security/advisories?name=MDVSA-2010:111

http://www.mandriva.com/security/advisories?name=MDVSA-2010:112

http://www.openwall.com/lists/oss-security/2010/01/07/3

http://www.openwall.com/lists/oss-security/2010/01/08/1

http://www.openwall.com/lists/oss-security/2010/01/08/2

http://www.openwall.com/lists/oss-security/2010/01/11/6

https://nvd.nist.gov/vuln/detail/CVE-2010-0015

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0015

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0015

EUVD