Vulnerability Details CVE-2010-3187
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.795
EPSS Ranking 99.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://aix.software.ibm.com/aix/efixes/security/ftpd_advisory.asc
- http://seclists.org/fulldisclosure/2010/Jul/281
- http://seclists.org/fulldisclosure/2010/Jul/317
- http://seclists.org/fulldisclosure/2010/Jul/324
- http://seclists.org/fulldisclosure/2010/Jul/337
- http://securitytracker.com/id?1024368
- http://www.exploit-db.com/exploits/14409/
- http://www.exploit-db.com/exploits/14456/
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83252
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83274
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83275
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83276
- http://www.osvdb.org/66576
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11697
- http://aix.software.ibm.com/aix/efixes/security/ftpd_advisory.asc
- http://seclists.org/fulldisclosure/2010/Jul/281
- http://seclists.org/fulldisclosure/2010/Jul/317
- http://seclists.org/fulldisclosure/2010/Jul/324
- http://seclists.org/fulldisclosure/2010/Jul/337
- http://securitytracker.com/id?1024368
- http://www.exploit-db.com/exploits/14409/
- http://www.exploit-db.com/exploits/14456/
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83252
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83274
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83275
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83276
- http://www.osvdb.org/66576
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11697
Products affected by CVE-2010-3187
-
cpe:2.3:o:ibm:aix:-
-
cpe:2.3:o:ibm:aix:1.2.1
-
cpe:2.3:o:ibm:aix:1.3
-
cpe:2.3:o:ibm:aix:2.2.1
-
cpe:2.3:o:ibm:aix:3.1
-
cpe:2.3:o:ibm:aix:3.2
-
cpe:2.3:o:ibm:aix:3.2.0
-
cpe:2.3:o:ibm:aix:3.2.4
-
cpe:2.3:o:ibm:aix:3.2.5
-
cpe:2.3:o:ibm:aix:4
-
cpe:2.3:o:ibm:aix:4.0
-
cpe:2.3:o:ibm:aix:4.1
-
cpe:2.3:o:ibm:aix:4.1.1
-
cpe:2.3:o:ibm:aix:4.1.2
-
cpe:2.3:o:ibm:aix:4.1.3
-
cpe:2.3:o:ibm:aix:4.1.4
-
cpe:2.3:o:ibm:aix:4.1.5
-
cpe:2.3:o:ibm:aix:4.2
-
cpe:2.3:o:ibm:aix:4.2.0
-
cpe:2.3:o:ibm:aix:4.2.1
-
cpe:2.3:o:ibm:aix:4.2.1.12
-
cpe:2.3:o:ibm:aix:4.3
-
cpe:2.3:o:ibm:aix:4.3.0
-
cpe:2.3:o:ibm:aix:4.3.1
-
cpe:2.3:o:ibm:aix:4.3.2
-
cpe:2.3:o:ibm:aix:4.3.3
-
cpe:2.3:o:ibm:aix:5
-
cpe:2.3:o:ibm:aix:5.1
-
cpe:2.3:o:ibm:aix:5.1.0.10
-
cpe:2.3:o:ibm:aix:5.1l
-
cpe:2.3:o:ibm:aix:5.2
-
cpe:2.3:o:ibm:aix:5.2.0
-
cpe:2.3:o:ibm:aix:5.2.0.50
-
cpe:2.3:o:ibm:aix:5.2.0.54
-
cpe:2.3:o:ibm:aix:5.2.2
-
cpe:2.3:o:ibm:aix:5.2_l
-
cpe:2.3:o:ibm:aix:5.3