CVE-2010-4756
ADVISORY - debianSummary
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
- glibc (unimportant)
- eglibc (unimportant) That's standard POSIX behaviour implemented by (e)glibc. Applications using glob need to impose limits for themselves
EPSS Score: 0.00373 (0.583)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Resource Management Errors
Debian
CREATED
UPDATED
ADVISORY IDCVE-2010-4756
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/Alow| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/glibc | deb | debian | 12 | >=2.36-9+deb12u10 | Not yet available |
| debian/glibc | deb | debian | 13 | >=2.41-9 | Not yet available |
| debian/glibc | deb | debian | 11 | >=2.31-13+deb11u11 | Not yet available |
| debian/glibc | deb | debian | unstable | >=2.41-9 | Not yet available |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2010-4756
EXPLOITABILITY SCORE
8
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4mediumUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2010-4756
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2010-4756
EXPLOITABILITY SCORE
10.0
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5lowChainguard
CREATED
UPDATED
ADVISORY ID
CGA-5vfg-gqch-hcj5
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
intheWild
CREATED
UPDATED
ADVISORY IDCVE-2010-4756
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-