7.8

CVE-2010-2061

rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rpcbind ProjectRpcbind Version0.2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.334
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://access.redhat.com/security/cve/cve-2010-2061
Third Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583435#5
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2061
Third Party Advisory
Issue Tracking
https://security-tracker.debian.org/tracker/CVE-2010-2061
Third Party Advisory
https://www.openwall.com/lists/oss-security/2010/06/08/3
Third Party Advisory
Mailing List