Vulnerability Description
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | AIX | <= 5.3 |
Related Weaknesses (CWE)
References
- http://aix.software.ibm.com/aix/efixes/security/ftpd_advisory.asc (Patch, Vendor Advisory)
- http://seclists.org/fulldisclosure/2010/Jul/281 (Exploit, Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2010/Jul/317 (Exploit, Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2010/Jul/324 (Exploit, Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2010/Jul/337 (Mailing List, Third Party Advisory)
- http://securitytracker.com/id?1024368 (Third Party Advisory, VDB Entry)
- http://www.exploit-db.com/exploits/14409/ (Exploit, Third Party Advisory, VDB Entry)
- http://www.exploit-db.com/exploits/14456/ (Exploit, Third Party Advisory, VDB Entry)
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83252 (Vendor Advisory)
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83274 (Vendor Advisory)
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83275 (Vendor Advisory)
- http://www.ibm.com/support/docview.wss?uid=isg1IZ83276 (Vendor Advisory)
- http://www.osvdb.org/66576 (Broken Link)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3 (Third Party Advisory)
FAQ
What is CVE-2010-3187?
CVE-2010-3187 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
How severe is CVE-2010-3187?
CVE-2010-3187 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2010-3187?
Check the references section above for vendor advisories and patch information. Affected products include: IBM AIX.