Max CVSS | 7.2 | Min CVSS | 3.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-3435 | 4.7 |
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leve
|
13-02-2023 - 04:24 | 24-01-2011 - 18:00 | |
CVE-2010-3316 | 3.3 |
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executi
|
13-02-2023 - 04:23 | 24-01-2011 - 18:00 | |
CVE-2010-2059 | 7.2 |
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileg
|
13-02-2023 - 04:19 | 08-06-2010 - 18:30 | |
CVE-2010-3853 | 6.9 |
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a s
|
03-01-2019 - 15:01 | 24-01-2011 - 18:00 | |
CVE-2010-3762 | 4.3 |
ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
|
10-10-2018 - 20:05 | 05-10-2010 - 22:00 | |
CVE-2010-3614 | 6.4 |
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attacke
|
10-10-2018 - 20:04 | 06-12-2010 - 13:44 | |
CVE-2010-3613 | 4.0 |
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a
|
10-10-2018 - 20:04 | 06-12-2010 - 13:44 | |
CVE-2010-3609 | 5.0 |
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of ser
|
10-10-2018 - 20:04 | 11-03-2011 - 17:55 |