CVE-2010-2632
CVE-2010-2632
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/15215unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598http://secunia.com/advisories/42984http://secunia.com/advisories/43433http://secunia.com/advisories/55212http://securityreason.com/achievement_securityalert/89http://securityreason.com/achievement_securityalert/97https://exchange.xforce.ibmcloud.com/vulnerabilities/64798https://support.avaya.com/css/P8/documents/100127892http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.htmlhttp://www.securitytracker.com/id?1024975http://www.vupen.com/english/advisories/2011/0151