ID CVE-2010-2529
Summary Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.
References
Vulnerable Configurations
  • cpe:2.3:a:skbuff:iputils:20020927
    cpe:2.3:a:skbuff:iputils:20020927
  • cpe:2.3:a:skbuff:iputils:20070202
    cpe:2.3:a:skbuff:iputils:20070202
  • cpe:2.3:a:skbuff:iputils:20071127
    cpe:2.3:a:skbuff:iputils:20071127
  • cpe:2.3:a:skbuff:iputils:20100214
    cpe:2.3:a:skbuff:iputils:20100214
  • Mandriva Linux
    cpe:2.3:o:mandriva:linux
CVSS
Base: 5.0 (as of 28-07-2010 - 12:13)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-12252.NASL
    description CVE-2010-2529 iputils: denial of service vulnerability in ping Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 48359
    published 2010-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48359
    title Fedora 12 : iputils-20071127-12.fc12 (2010-12252)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2645.NASL
    description Ovidiu Mara reported in 2010 a vulnerability in the ping util, commonly used by system and network administrators. By carefully crafting ICMP responses, an attacker could make the ping command hangs.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65558
    published 2013-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65558
    title Debian DSA-2645-1 : inetutils - denial of service
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-138.NASL
    description Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply (CVE-2010-2529). The updated packages have been patched to correct these issues. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 48196
    published 2010-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48196
    title Mandriva Linux Security Advisory : iputils (MDVSA-2010:138)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-12273.NASL
    description CVE-2010-2529 iputils: denial of service vulnerability in ping Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 48308
    published 2010-08-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48308
    title Fedora 13 : iputils-20071127-12.fc13 (2010-12273)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 79961
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79961
    title GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010
refmap via4
bid 41911
mandriva MDVSA-2010:138
vupen ADV-2010-1890
Last major update 28-07-2010 - 00:00
Published 28-07-2010 - 08:48
Back to Top