Search for vulnerabilities
Vulnerability ID | VCID-sthg-ny7v-aaar |
Aliases |
CVE-2010-0015
|
Summary | nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 6.8 |
Risk | 3.4 |
Affected and Fixed Packages | Package Details |
CWE-255 | Credentials Management Errors |
Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
Percentile | 0.81242 |
EPSS Score | 0.01817 |
Published At | March 28, 2025, 12:55 p.m. |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |