Back to search
CVE-2010-1039
Published: May 20, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
64729
vdb-entry
x_refsource_OSVDB
IZ75440
vendor-advisory
x_refsource_AIXAPAR
39911
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:11986
vdb-entry
signature
x_refsource_OVAL
40248
vdb-entry
x_refsource_BID
1023994
vdb-entry
x_refsource_SECTRACK
IZ75369
vendor-advisory
x_refsource_AIXAPAR
ADV-2010-1213
vdb-entry
x_refsource_VUPEN
IZ73757
vendor-advisory
x_refsource_AIXAPAR
IZ73599
vendor-advisory
x_refsource_AIXAPAR
20100520 HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039
mailing-list
x_refsource_BUGTRAQ
HPSBUX02523
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:12103
vdb-entry
signature
x_refsource_OVAL
IZ75465
vendor-advisory
x_refsource_AIXAPAR
IZ73874
vendor-advisory
x_refsource_AIXAPAR
SSRT100036
vendor-advisory
x_refsource_HP
ADV-2010-1199
vdb-entry
x_refsource_VUPEN
39835
third-party-advisory
x_refsource_SECUNIA
hpux-nfsoncplus-privilege-escalation(58718)
vdb-entry
x_refsource_XF
1024016
vdb-entry
x_refsource_SECTRACK
ADV-2010-1212
vdb-entry
x_refsource_VUPEN
ADV-2010-1211
vdb-entry
x_refsource_VUPEN
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
x_refsource_CONFIRM
IZ73590
vendor-advisory
x_refsource_AIXAPAR
IZ73681
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now