Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2010-2061 CVE-2010-2064 |
CWE-ID | CWE-20 CWE-59 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
RPCBind Universal components / Libraries / Libraries used by multiple products |
Vendor | linux-nfs.org |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU35139
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-2061
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to execute arbitrary code.
rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started.
MitigationInstall update from vendor's website.
Vulnerable software versionsRPCBind: 0.2.0
External linkshttp://access.redhat.com/security/cve/cve-2010-2061
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583435#5
http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2061
http://security-tracker.debian.org/tracker/CVE-2010-2061
http://www.openwall.com/lists/oss-security/2010/06/08/3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU35140
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-2064
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to read and manipulate data.
rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr.
MitigationInstall update from vendor's website.
Vulnerable software versionsRPCBind: 0.2.0
External linkshttp://access.redhat.com/security/cve/cve-2010-2064
http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2064
http://security-tracker.debian.org/tracker/CVE-2010-2064
http://www.openwall.com/lists/oss-security/2010/06/08/3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.