Sign-up

ID

VAR-201004-0257


CVE

CVE-2010-1147


TITLE

Open Direct Connect Hub Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2010-005359

DESCRIPTION

Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ---------------------------------------------------------------------- Proof-of-Concept (PoC) and Extended Analysis available for customers. Get a free trial, contact sales@secunia.com ---------------------------------------------------------------------- TITLE: Fedora update for opendchub SECUNIA ADVISORY ID: SA39664 VERIFY ADVISORY: http://secunia.com/advisories/39664/ DESCRIPTION: Fedora has issued an update for opendchub. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA39199 SOLUTION: Apply updated packages using the yum utility ("yum update opendchub"). ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Open DC Hub "myinfo()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA39199 VERIFY ADVISORY: http://secunia.com/advisories/39199/ DESCRIPTION: Pierre Nogu\xe8s has discovered a vulnerability in Open DC Hub, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "myinfo()" function in commands.c. This can be exploited to cause a stack-based buffer overflow via a specially crafted "MyINFO" message. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 0.8.1. Other versions may also be affected. SOLUTION: Restrict network access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Pierre Nogu\xe8s ORIGINAL ADVISORY: http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Workaround ========== There is no known workaround at this time. Resolution ========== All Open DC Hub users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-p2p/opendchub-0.8.2" References ========== [ 1 ] CVE-2010-1147 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1147 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201311-12.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.25

sources: NVD: CVE-2010-1147 // JVNDB: JVNDB-2010-005359 // BID: 39129 // VULMON: CVE-2010-1147 // PACKETSTORM: 89101 // PACKETSTORM: 87854 // PACKETSTORM: 124087

IOT TAXONOMY

category:['network device']sub_category:hub

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:roshan singhmodel:open direct connect hubscope:eqversion:0.8.1

Trust: 2.5

vendor:openmodel:dc hub open dc hubscope:eqversion:0.8.1

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:openmodel:dc hub open dc hubscope:neversion:0.8.2

Trust: 0.3

sources: VULMON: CVE-2010-1147 // BID: 39129 // JVNDB: JVNDB-2010-005359 // CNNVD: CNNVD-201004-093 // NVD: CVE-2010-1147

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-1147
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-1147
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201004-093
value: MEDIUM

Trust: 0.6

VULMON: CVE-2010-1147
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-1147
severity: MEDIUM
baseScore: 6.0
vectorString: AV:N/AC:M/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.8
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2010-1147 // JVNDB: JVNDB-2010-005359 // CNNVD: CNNVD-201004-093 // NVD: CVE-2010-1147

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2010-005359 // NVD: CVE-2010-1147

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201004-093

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201004-093

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-005359

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2010-1147

PATCH
title:Open Direct Connect Huburl:http://opendchub.sourceforge.net/
Trust: 0.8
title:opendchub-0.8.2.tarurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4488
Trust: 0.6
title:LinuxFlawurl:https://github.com/mudongliang/LinuxFlaw 
Trust: 0.1
title:cve-url:https://github.com/oneoy/cve- 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2010-1147 // 
            
            
            
            JVNDB: JVNDB-2010-005359 // 
            
            
            
            CNNVD: CNNVD-201004-093

EXTERNAL IDS
db:NVDid:CVE-2010-1147
Trust: 3.0
db:OPENWALLid:OSS-SECURITY/2010/04/03/1
Trust: 1.7
db:BIDid:39129
Trust: 1.4
db:SECUNIAid:39664
Trust: 1.2
db:VUPENid:ADV-2010-1023
Trust: 1.1
db:VUPENid:ADV-2010-1044
Trust: 1.1
db:JVNDBid:JVNDB-2010-005359
Trust: 0.8
db:MLISTid:[OSS-SECURITY] 20100406 RE: CVE REQUEST -- OPENDCHUB V0.8.1 -- STACK OVERFLOW BY HANDLING A SPECIALLY-CRAFTED MYINFO MESSAGE
Trust: 0.6
db:MLISTid:[OSS-SECURITY] 20100403 CVE REQUEST -- OPENDCHUB V0.8.1 -- STACK OVERFLOW BY HANDLING A SPECIALLY-CRAFTED MYINFO MESSAGE
Trust: 0.6
db:BUGTRAQid:20100331 OPENDCHUB 0.8.1 REMOTE CODE EXECUTION EXPLOIT
Trust: 0.6
db:CNNVDid:CNNVD-201004-093
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
db:EXPLOIT-DBid:11986
Trust: 0.1
db:VULMONid:CVE-2010-1147
Trust: 0.1
db:PACKETSTORMid:89101
Trust: 0.1
db:SECUNIAid:39199
Trust: 0.1
db:PACKETSTORMid:87854
Trust: 0.1
db:PACKETSTORMid:124087
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULMON: CVE-2010-1147 // 
            
            
            
            BID: 39129 // 
            
            
            
            JVNDB: JVNDB-2010-005359 // 
            
            
            
            PACKETSTORM: 89101 // 
            
            
            
            PACKETSTORM: 87854 // 
            
            
            
            PACKETSTORM: 124087 // 
            
            
            
            CNNVD: CNNVD-201004-093 // 
            
            
            
            NVD: CVE-2010-1147

REFERENCES
url:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576308
Trust: 1.7
url:http://marc.info/?l=oss-security&m=127051570728944&w=2
Trust: 1.7
url:http://openwall.com/lists/oss-security/2010/04/03/1
Trust: 1.7
url:http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit#more-600
Trust: 1.7
url:http://www.securityfocus.com/archive/1/510428
Trust: 1.7
url:https://bugzilla.redhat.com/show_bug.cgi?id=579206
Trust: 1.7
url:http://lists.fedoraproject.org/pipermail/package-announce/2010-april/040380.html
Trust: 1.2
url:http://lists.fedoraproject.org/pipermail/package-announce/2010-april/040421.html
Trust: 1.2
url:http://lists.fedoraproject.org/pipermail/package-announce/2010-april/040360.html
Trust: 1.1
url:http://secunia.com/advisories/39664
Trust: 1.1
url:http://www.securityfocus.com/bid/39129
Trust: 1.1
url:http://www.vupen.com/english/advisories/2010/1023
Trust: 1.1
url:http://www.vupen.com/english/advisories/2010/1044
Trust: 1.1
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1147
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1147
Trust: 0.8
url:http://opendchub.sourceforge.net/
Trust: 0.3
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.2
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.2
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.2
url:http://secunia.com/advisories/39199/
Trust: 0.2
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-1147
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/11986/
Trust: 0.1
url:http://secunia.com/advisories/39664/
Trust: 0.1
url:http://www.indahax.com/exploits/opendchub-0-8-1-remote-code-execution-exploit
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://security.gentoo.org/
Trust: 0.1
url:http://security.gentoo.org/glsa/glsa-201311-12.xml
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-1147
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULMON: CVE-2010-1147 // 
            
            
            
            BID: 39129 // 
            
            
            
            JVNDB: JVNDB-2010-005359 // 
            
            
            
            PACKETSTORM: 89101 // 
            
            
            
            PACKETSTORM: 87854 // 
            
            
            
            PACKETSTORM: 124087 // 
            
            
            
            CNNVD: CNNVD-201004-093 // 
            
            
            
            NVD: CVE-2010-1147

CREDITS
Pierre Nogues
Trust: 0.3
sources:
            
            
            BID: 39129

SOURCES
db:OTHERid: - 
db:VULMONid:CVE-2010-1147
db:BIDid:39129
db:JVNDBid:JVNDB-2010-005359
db:PACKETSTORMid:89101
db:PACKETSTORMid:87854
db:PACKETSTORMid:124087
db:CNNVDid:CNNVD-201004-093
db:NVDid:CVE-2010-1147

LAST UPDATE DATE
2025-04-11T21:20:01.079000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2010-1147date:2010-05-08T00:00:00
db:BIDid:39129date:2015-04-13T21:16:00
db:JVNDBid:JVNDB-2010-005359date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-201004-093date:2010-04-07T00:00:00
db:NVDid:CVE-2010-1147date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULMONid:CVE-2010-1147date:2010-04-06T00:00:00
db:BIDid:39129date:2010-03-31T00:00:00
db:JVNDBid:JVNDB-2010-005359date:2012-12-20T00:00:00
db:PACKETSTORMid:89101date:2010-05-03T14:43:18
db:PACKETSTORMid:87854date:2010-03-31T06:27:30
db:PACKETSTORMid:124087date:2013-11-20T21:55:00
db:CNNVDid:CNNVD-201004-093date:2010-03-31T00:00:00
db:NVDid:CVE-2010-1147date:2010-04-06T16:30:00.717