CVE-2010-1938

Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 9.3 UNKNOWN | NETWORK | MEDIUM | | AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre | CNA | --- | | | | ---
CVE | ADP | --- | | | | ---
EPSS Score Percentile: 98%
Vendor | Product | Version
freebsd | freebsd | 6.4
freebsd | freebsd | 6.4:release
freebsd | freebsd | 6.4:release_p2
freebsd | freebsd | 6.4:release_p3
freebsd | freebsd | 6.4:release_p4
freebsd | freebsd | 6.4:release_p5
freebsd | freebsd | 6.4:stable
freebsd | freebsd | 7.0
freebsd | freebsd | 7.0:beta_4
freebsd | freebsd | 7.0:current
freebsd | freebsd | 7.0:pre-release
freebsd | freebsd | 7.0:release
freebsd | freebsd | 7.0:release-p12
freebsd | freebsd | 7.0:release-p8
freebsd | freebsd | 7.0:release-p9
freebsd | freebsd | 7.0:releng
freebsd | freebsd | 7.0:stable
freebsd | freebsd | 7.0-release
freebsd | freebsd | 7.0_beta4:_beta4
freebsd | freebsd | 7.0_releng:_releng
freebsd | freebsd | 7.1
freebsd | freebsd | 7.1:pre-release
freebsd | freebsd | 7.1:rc1
freebsd | freebsd | 7.1:release-p1
freebsd | freebsd | 7.1:release-p2
freebsd | freebsd | 7.1:release-p4
freebsd | freebsd | 7.1:release-p5
freebsd | freebsd | 7.1:release-p6
freebsd | freebsd | 7.1:stable
freebsd | freebsd | 7.2
freebsd | freebsd | 7.2:pre-release
freebsd | freebsd | 7.2:stable
freebsd | freebsd | 8.0
freebsd | freebsd | 8.1-prerelease
nrl | opie | 𝑥 ≤ 2.4.1
nrl | opie | 2.2
nrl | opie | 2.3
nrl | opie | 2.4
nrl | opie | 2.10
nrl | opie | 2.11
nrl | opie | 2.21
nrl | opie | 2.22
nrl | opie | 2.32
𝑥 = Vulnerable software versions
Ubuntu Releases
Ubuntu Product | Codename | Status
opie | lucid | Fixed 2.40~dfsg-0ubuntu1.10.04.1 (released)
opie | karmic | Fixed 2.40~dfsg-0ubuntu1.9.10.1 (released)
opie | jaunty | Fixed 2.40~dfsg-0ubuntu1.9.04.1 (released)
opie | hardy | not-affected
opie | dapper | not-affected
Common Weakness Enumeration