Vulnerability Description
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
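The bug class here is a bound check that allows a length equal to the buffer size, after which the copy also writes the terminating NUL. The following is an added example, not libopie's code and not the vendor's patch: a small C model of that pattern beside one correct form of the check. PRINCIPAL_MAX (assumed 32 here; the real constant is libopie's OPIE_PRINCIPAL_MAX), the copy routine and the 'A'-filled usernames are all constructed for illustration. The destination is allocated one byte larger than its logical size so that the extra byte lands on a guard value inside the allocation rather than on undefined memory, which lets the overflow be observed deterministically.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of the fixed principal buffer in this model. The real value
 * is libopie's OPIE_PRINCIPAL_MAX; the bug does not depend on the number. */
#define PRINCIPAL_MAX 32
#define GUARD 0xA5u

/* The buffer is one byte larger than the logical PRINCIPAL_MAX so that index
 * PRINCIPAL_MAX acts as a guard standing in for whatever follows the real
 * buffer (another local, a saved register, a struct field). Keeping the
 * guard inside the allocation keeps the demo free of undefined behaviour. */
struct principal_buf {
    unsigned char bytes[PRINCIPAL_MAX + 1];
};

/* Copy a NUL-terminated string byte by byte, terminator included. A plain
 * loop is used instead of strcpy so the extra byte is visible in the source
 * and not hidden behind a fortified libc wrapper. */
static void copy_cstring(unsigned char *dst, const char *src)
{
    while ((*dst++ = (unsigned char)*src++) != '\0')
        ;
}

/* Vulnerable check, modelled on the pattern the advisory describes: names
 * LONGER than PRINCIPAL_MAX are cut down to PRINCIPAL_MAX characters, and a
 * name of exactly PRINCIPAL_MAX characters is accepted unchanged. In both
 * cases the copy writes PRINCIPAL_MAX + 1 bytes (the NUL) into a buffer of
 * PRINCIPAL_MAX bytes. Returns 1 if the guard byte was overwritten. */
static int copy_principal_vulnerable(struct principal_buf *b, char *name)
{
    if (strlen(name) > PRINCIPAL_MAX)       /* off by one: should be >= */
        name[PRINCIPAL_MAX] = '\0';         /* still PRINCIPAL_MAX chars left */
    b->bytes[PRINCIPAL_MAX] = GUARD;
    copy_cstring(b->bytes, name);
    return b->bytes[PRINCIPAL_MAX] != GUARD;
}

/* One correct form of the check (an illustration, not the vendor's patch):
 * truncate so that the characters plus the NUL always fit. */
static int copy_principal_fixed(struct principal_buf *b, char *name)
{
    if (strlen(name) >= PRINCIPAL_MAX)
        name[PRINCIPAL_MAX - 1] = '\0';     /* leaves room for the NUL */
    b->bytes[PRINCIPAL_MAX] = GUARD;
    copy_cstring(b->bytes, name);
    return b->bytes[PRINCIPAL_MAX] != GUARD;
}

/* Build a constructed username of user_len 'A's, the kind of value an FTP
 * client would send in "USER <name>", and report whether the given copy
 * routine overflowed with it. */
static int overflows_with(size_t user_len,
                          int (*copy)(struct principal_buf *, char *))
{
    char name[512];
    struct principal_buf b;

    if (user_len >= sizeof name)
        user_len = sizeof name - 1;
    memset(name, 'A', user_len);
    name[user_len] = '\0';
    return copy(&b, name);
}

int overflows_vulnerable(size_t user_len)
{
    return overflows_with(user_len, copy_principal_vulnerable);
}

int overflows_fixed(size_t user_len)
{
    return overflows_with(user_len, copy_principal_fixed);
}

int main(void)
{
    size_t lens[] = { PRINCIPAL_MAX - 1, PRINCIPAL_MAX, 200 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len %3zu: vulnerable=%d fixed=%d\n", lens[i],
               overflows_vulnerable(lens[i]), overflows_fixed(lens[i]));
    return 0;
}
```

The boundary case is the one worth keeping in mind when reviewing similar code: a name one character shorter than the buffer is fine, a name of exactly the buffer size is the first input that overflows, and a longer name is truncated back to that same overflowing length, so the "long username" in the advisory and the exact-size one reach the same single-byte write.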
CVSS Score
9.3 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeBSD | FreeBSD | 6.4 through 8.1-PRERELEASE |
| NRL | OPIE | <= 2.4.1-test1 |
Related Weaknesses (CWE)
References
- http://blog.pi3.com.pl/?p=111
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932
- http://secunia.com/advisories/39963 (Vendor Advisory)
- http://secunia.com/advisories/39966 (Vendor Advisory)
- http://secunia.com/advisories/45136
- http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc (Vendor Advisory)
- http://securityreason.com/achievement_securityalert/87
- http://securityreason.com/securityalert/7450
- http://securitytracker.com/id?1024040
- http://securitytracker.com/id?1025709
- http://site.pi3.com.pl/adv/libopie-adv.txt
- http://www.debian.org/security/2011/dsa-2281
- http://www.exploit-db.com/exploits/12762
- http://www.securityfocus.com/bid/40403
FAQ
What is CVE-2010-1938?
CVE-2010-1938 is a vulnerability with a CVSS base score of 9.3 (HIGH). It is an off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms. A remote attacker can supply a long username to cause a denial of service (daemon crash) or possibly execute arbitrary code, as demonstrated by a long USER command sent to the FreeBSD 8.0 ftpd.
How severe is CVE-2010-1938?
CVE-2010-1938 has been rated HIGH with a CVSS base score of 9.3/10. The trigger is a single long USER command, which an FTP client sends before any password, so no credentials are needed; the impact ranges from a crash of the daemon to possible arbitrary code execution.
Is there a patch for CVE-2010-1938?
Yes. The FreeBSD advisory FreeBSD-SA-10:05.opie and Debian DSA-2281, both listed in the references above, describe the fixed packages for their platforms; the pi3 advisory (site.pi3.com.pl/adv/libopie-adv.txt) gives the original technical details. Affected products: FreeBSD 6.4 through 8.1-PRERELEASE and NRL OPIE 2.4.1-test1 and earlier.