CVE-2010-0015 - nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10

CVE-2010-0015

Summary

nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.

References

Vulnerable Configurations

cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 07-12-2016 - 02:59)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333 http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062&view=markup
mandriva	MDVSA-2010:111 MDVSA-2010:112
misc	http://sourceware.org/bugzilla/show_bug.cgi?id=11134
mlist	[oss-security] 20100107 CVE id request: GNU libc: NIS shadow password leakage [oss-security] 20100108 Re: CVE id request: GNU libc: NIS shadow password leakage [oss-security] 20100109 Re: CVE id request: GNU libc: NIS shadow password leakage [oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage
suse	SUSE-SA:2010:052

Last major update

07-12-2016 - 02:59

Published

14-01-2010 - 18:30

Last modified

07-12-2016 - 02:59