CVE-2010-1039
NONE EPSS 97.1%
Published May 20, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Threat Intelligence
EPSS Exploit Probability
97.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-134
Affected Products 45
| Vendor | Product | Version | Range |
|---|---|---|---|
| hp | nfs/oncplus | * | ≤b.11.31_09 |
| hp | hp-ux | b.11.11 | any |
| hp | hp-ux | b.11.23 | any |
| hp | hp-ux | b.11.31 | any |
| ibm | aix | * | ≤5.3 |
| ibm | aix | 1.2.1 | any |
| ibm | aix | 1.3 | any |
| ibm | aix | 2.2.1 | any |
| ibm | aix | 3.1 | any |
| ibm | aix | 3.2 | any |
| ibm | aix | 3.2.0 | any |
| ibm | aix | 3.2.4 | any |
| ibm | aix | 3.2.5 | any |
| ibm | aix | 4 | any |
| ibm | aix | 4.0 | any |
| ibm | aix | 4.1 | any |
| ibm | aix | 4.1.1 | any |
| ibm | aix | 4.1.2 | any |
| ibm | aix | 4.1.3 | any |
| ibm | aix | 4.1.4 | any |
| ibm | aix | 4.1.5 | any |
| ibm | aix | 4.2 | any |
| ibm | aix | 4.2.0 | any |
| ibm | aix | 4.2.1 | any |
| ibm | aix | 4.2.1.12 | any |
| ibm | aix | 4.3 | any |
| ibm | aix | 4.3.0 | any |
| ibm | aix | 4.3.1 | any |
| ibm | aix | 4.3.2 | any |
| ibm | aix | 4.3.3 | any |
| ibm | aix | 5.1 | any |
| ibm | aix | 5.1.0.10 | any |
| ibm | aix | 5.1l | any |
| ibm | aix | 5.2 | any |
| ibm | aix | 5.2.0 | any |
| ibm | aix | 5.2.0.50 | any |
| ibm | aix | 5.2.0.54 | any |
| ibm | aix | 5.2.2 | any |
| ibm | aix | 5.2_l | any |
| ibm | aix | 6.1 | any |
| ibm | aix | 430 | any |
| ibm | vios | * | ≤1.5 |
| ibm | vios | 1.4 | any |
| ibm | vios | 2.1 | any |
| sgi | irix | 6.5 | any |
References 26
- aix.software.ibm.com http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
- marc.info http://marc.info/?l=bugtraq&m=127428077629933&w=2
- osvdb.org http://osvdb.org/64729
- secunia.com http://secunia.com/advisories/39835
- secunia.com http://secunia.com/advisories/39911
- securitytracker.com http://securitytracker.com/id?1024016
- checkpoint.com http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
- ibm.com http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
- securityfocus.com http://www.securityfocus.com/archive/1/511405/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/40248
- securitytracker.com http://www.securitytracker.com/id?1023994
- vupen.com http://www.vupen.com/english/advisories/2010/1199
- vupen.com http://www.vupen.com/english/advisories/2010/1211
- vupen.com http://www.vupen.com/english/advisories/2010/1212
- vupen.com http://www.vupen.com/english/advisories/2010/1213
- www14.software.ibm.com http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
Remediation
- securityfocus.com http://www.securityfocus.com/bid/40248