cvelistv5 - CVE-2010-3692

CVE-2010-3692 (GCVE-0-2010-3692)

Vulnerability from cvelistv5

Published

2010-10-07 20:21

Modified

2024-08-07 03:18

Severity ?

CWE

Summary

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.

References

►

URL

Tags

	secalert@redhat.com	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
	secalert@redhat.com	http://secunia.com/advisories/41878
	secalert@redhat.com	http://secunia.com/advisories/42149
	secalert@redhat.com	http://secunia.com/advisories/42184
	secalert@redhat.com	http://secunia.com/advisories/43427
	secalert@redhat.com	http://www.debian.org/security/2011/dsa-2172
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/09/29/6
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/10/01/2
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/10/01/5
	secalert@redhat.com	http://www.securityfocus.com/bid/43585
	secalert@redhat.com	http://www.vupen.com/english/advisories/2010/2705
	secalert@redhat.com	http://www.vupen.com/english/advisories/2010/2909
	secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0456
	secalert@redhat.com	https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
	secalert@redhat.com	https://forge.indepnet.net/projects/glpi/repository/revisions/12601
	secalert@redhat.com	https://issues.jasig.org/browse/PHPCAS-80
	af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41878
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42149
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42184
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43427
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2172
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/09/29/6
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/10/01/2
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/10/01/5
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/43585
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2705
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2909
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0456
	af854a3a-2127-422b-91ae-364da2661108	https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
	af854a3a-2127-422b-91ae-364da2661108	https://forge.indepnet.net/projects/glpi/repository/revisions/12601
	af854a3a-2127-422b-91ae-364da2661108	https://issues.jasig.org/browse/PHPCAS-80

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.594Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
          },
          {
            "name": "DSA-2172",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.jasig.org/browse/PHPCAS-80"
          },
          {
            "name": "ADV-2011-0456",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0456"
          },
          {
            "name": "FEDORA-2010-15943",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
          },
          {
            "name": "FEDORA-2010-15970",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
          },
          {
            "name": "ADV-2010-2909",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2909"
          },
          {
            "name": "43585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43585"
          },
          {
            "name": "42149",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42149"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
          },
          {
            "name": "ADV-2010-2705",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2705"
          },
          {
            "name": "43427",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43427"
          },
          {
            "name": "[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
          },
          {
            "name": "FEDORA-2010-16912",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
          },
          {
            "name": "FEDORA-2010-16905",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
          },
          {
            "name": "41878",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41878"
          },
          {
            "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
          },
          {
            "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
          },
          {
            "name": "42184",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42184"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-11-03T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
        },
        {
          "name": "DSA-2172",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.jasig.org/browse/PHPCAS-80"
        },
        {
          "name": "ADV-2011-0456",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0456"
        },
        {
          "name": "FEDORA-2010-15943",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
        },
        {
          "name": "FEDORA-2010-15970",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
        },
        {
          "name": "ADV-2010-2909",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2909"
        },
        {
          "name": "43585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43585"
        },
        {
          "name": "42149",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42149"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
        },
        {
          "name": "ADV-2010-2705",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2705"
        },
        {
          "name": "43427",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43427"
        },
        {
          "name": "[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
        },
        {
          "name": "FEDORA-2010-16912",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
        },
        {
          "name": "FEDORA-2010-16905",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
        },
        {
          "name": "41878",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41878"
        },
        {
          "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
        },
        {
          "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
        },
        {
          "name": "42184",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42184"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3692",
    "datePublished": "2010-10-07T20:21:00",
    "dateReserved": "2010-10-01T00:00:00",
    "dateUpdated": "2024-08-07T03:18:52.594Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-3692\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-10-07T21:00:02.017\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en la funci\u00f3n callback en client.php en phpCAS anterior a v1.1.3, cuando el modo proxy est\u00e1 habilitado, permite a atacantes crear o sobreescribir ficheros arbitrarios mediante  secuencias de salto de directorio en el par\u00e1metro Proxy Granting Ticket IOU (PGTiou).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.2\",\"matchCriteriaId\":\"F33D1EDE-F0EE-4192-ACAB-CD843C58550E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84643F63-231F-4A5C-8D47-058AD8FABFAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23906CB9-E95F-4119-BAC7-E98167638812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4B02FB-D5D4-49AD-9FA4-DB9E98AAB4E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BD906C-3FE4-47CE-BF07-3C0E1B1EEFAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D822C2B-E663-45BE-8625-001515905ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50E67C0D-9812-41E3-B6C6-74D2B290EB70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC47FC27-8A9C-47F6-B08D-D37F94AC87C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D651AC30-3409-4FC4-89A1-59C75913053E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"622CEFA1-A003-4D5D-964C-DE4082378540\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE8534CC-752C-413F-B446-2A52E3B063B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C813FD1-BF71-4FF1-BBCC-CD4E519458A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD842AB3-24DE-46D8-B84D-85381EFDBB7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E51EB388-28EC-481F-8561-8B459BA6DE23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5137240-59CD-46EC-AFFB-03B60C32EB22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0819E826-A3DD-4C3F-9DE3-874AF59EA998\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5B6E4A-76BC-4407-A034-3D9A7C494226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7BE780-3755-417F-B789-2CF8E5FB47CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0A2EFD3-C9D7-4852-A159-93265BFED6A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C5C978-D2A7-4782-ACA1-40EF44D2F5DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8183106C-7DFE-4523-96EF-451BBF765A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022201CB-4E6C-47A4-A517-4E487E825263\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.4.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B67C493-D7F4-47F2-B86A-1CB856E934DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BBBD110-1B34-4FFB-BB80-F64A83099AAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F6C0FE4-B30E-488A-BD8E-0A32FC809F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93DD2F0E-F5C5-4F73-977E-9CE81ECD4DD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94985532-DF29-40BE-B4D2-D1D4D89851FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02E429F9-A1E9-4FB9-AB3D-EE1481B1DADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77FD0961-AFC8-4A9E-9942-4C8C0BD50DCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apereo:phpcas:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E197B2B-DFB2-49CF-B13F-7E311358A88B\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/41878\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42149\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42184\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43427\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2172\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/09/29/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/01/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/01/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/43585\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2705\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2909\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0456\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://developer.jasig.org/source/changelog/jasigsvn?cs=21538\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://forge.indepnet.net/projects/glpi/repository/revisions/12601\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.jasig.org/browse/PHPCAS-80\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/41878\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43427\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/09/29/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/01/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/01/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/43585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2909\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://developer.jasig.org/source/changelog/jasigsvn?cs=21538\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://forge.indepnet.net/projects/glpi/repository/revisions/12601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.jasig.org/browse/PHPCAS-80\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2010-3692

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2010-3692

Aliases

CVE-2010-3692

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-3692",
    "description": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.",
    "id": "GSD-2010-3692",
    "references": [
      "https://www.debian.org/security/2011/dsa-2172"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-3692"
      ],
      "details": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.",
      "id": "GSD-2010-3692",
      "modified": "2023-12-13T01:21:33.807245Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2010-3692",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
          },
          {
            "name": "http://secunia.com/advisories/42149",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42149"
          },
          {
            "name": "http://secunia.com/advisories/42184",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42184"
          },
          {
            "name": "http://secunia.com/advisories/43427",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43427"
          },
          {
            "name": "http://www.debian.org/security/2011/dsa-2172",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2011/dsa-2172"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/2909",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/2909"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0456",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0456"
          },
          {
            "name": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601",
            "refsource": "MISC",
            "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
          },
          {
            "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82",
            "refsource": "MISC",
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
          },
          {
            "name": "http://secunia.com/advisories/41878",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/41878"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2010/09/29/6",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2010/10/01/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2010/10/01/5",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
          },
          {
            "name": "http://www.securityfocus.com/bid/43585",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/43585"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/2705",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/2705"
          },
          {
            "name": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538",
            "refsource": "MISC",
            "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
          },
          {
            "name": "https://issues.jasig.org/browse/PHPCAS-80",
            "refsource": "MISC",
            "url": "https://issues.jasig.org/browse/PHPCAS-80"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apereo:phpcas:0.4.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-3692"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
            },
            {
              "name": "https://issues.jasig.org/browse/PHPCAS-80",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.jasig.org/browse/PHPCAS-80"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
            },
            {
              "name": "[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
            },
            {
              "name": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
            },
            {
              "name": "[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
            },
            {
              "name": "ADV-2010-2705",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2705"
            },
            {
              "name": "41878",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/41878"
            },
            {
              "name": "FEDORA-2010-15970",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
            },
            {
              "name": "FEDORA-2010-15943",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
            },
            {
              "name": "43585",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/43585"
            },
            {
              "name": "FEDORA-2010-16905",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
            },
            {
              "name": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
            },
            {
              "name": "42149",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42149"
            },
            {
              "name": "ADV-2010-2909",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2909"
            },
            {
              "name": "42184",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42184"
            },
            {
              "name": "FEDORA-2010-16912",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
            },
            {
              "name": "DSA-2172",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2172"
            },
            {
              "name": "ADV-2011-0456",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0456"
            },
            {
              "name": "43427",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43427"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-12-30T12:59Z",
      "publishedDate": "2010-10-07T21:00Z"
    }
  }
}

fkie_cve-2010-3692

Vulnerability from fkie_nvd

Published

2010-10-07 21:00

Modified

2025-04-11 00:51

Severity ?

Summary

References

▶	URL	Tags
	secalert@redhat.com	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
	secalert@redhat.com	http://secunia.com/advisories/41878
	secalert@redhat.com	http://secunia.com/advisories/42149
	secalert@redhat.com	http://secunia.com/advisories/42184
	secalert@redhat.com	http://secunia.com/advisories/43427
	secalert@redhat.com	http://www.debian.org/security/2011/dsa-2172
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/09/29/6
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/10/01/2
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2010/10/01/5
	secalert@redhat.com	http://www.securityfocus.com/bid/43585
	secalert@redhat.com	http://www.vupen.com/english/advisories/2010/2705
	secalert@redhat.com	http://www.vupen.com/english/advisories/2010/2909
	secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0456
	secalert@redhat.com	https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
	secalert@redhat.com	https://forge.indepnet.net/projects/glpi/repository/revisions/12601
	secalert@redhat.com	https://issues.jasig.org/browse/PHPCAS-80
	af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41878
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42149
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42184
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43427
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2172
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/09/29/6
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/10/01/2
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2010/10/01/5
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/43585
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2705
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2909
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0456
	af854a3a-2127-422b-91ae-364da2661108	https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
	af854a3a-2127-422b-91ae-364da2661108	https://forge.indepnet.net/projects/glpi/repository/revisions/12601
	af854a3a-2127-422b-91ae-364da2661108	https://issues.jasig.org/browse/PHPCAS-80

Impacted products

Vendor	Product	Version
apereo	phpcas	*
apereo	phpcas	0.2
apereo	phpcas	0.3
apereo	phpcas	0.3.1
apereo	phpcas	0.3.2
apereo	phpcas	0.4
apereo	phpcas	0.4.1
apereo	phpcas	0.4.8
apereo	phpcas	0.4.9
apereo	phpcas	0.4.10
apereo	phpcas	0.4.11
apereo	phpcas	0.4.12
apereo	phpcas	0.4.13
apereo	phpcas	0.4.14
apereo	phpcas	0.4.15
apereo	phpcas	0.4.16
apereo	phpcas	0.4.17
apereo	phpcas	0.4.18
apereo	phpcas	0.4.19
apereo	phpcas	0.4.20
apereo	phpcas	0.4.21
apereo	phpcas	0.4.22
apereo	phpcas	0.4.23
apereo	phpcas	0.5.0
apereo	phpcas	0.5.1
apereo	phpcas	0.6.0
apereo	phpcas	1.0.0
apereo	phpcas	1.0.1
apereo	phpcas	1.1.0
apereo	phpcas	1.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33D1EDE-F0EE-4192-ACAB-CD843C58550E",
              "versionEndIncluding": "1.1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84643F63-231F-4A5C-8D47-058AD8FABFAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "23906CB9-E95F-4119-BAC7-E98167638812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E4B02FB-D5D4-49AD-9FA4-DB9E98AAB4E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3BD906C-3FE4-47CE-BF07-3C0E1B1EEFAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D822C2B-E663-45BE-8625-001515905ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50E67C0D-9812-41E3-B6C6-74D2B290EB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC47FC27-8A9C-47F6-B08D-D37F94AC87C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D651AC30-3409-4FC4-89A1-59C75913053E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "622CEFA1-A003-4D5D-964C-DE4082378540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8534CC-752C-413F-B446-2A52E3B063B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C813FD1-BF71-4FF1-BBCC-CD4E519458A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD842AB3-24DE-46D8-B84D-85381EFDBB7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51EB388-28EC-481F-8561-8B459BA6DE23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5137240-59CD-46EC-AFFB-03B60C32EB22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0819E826-A3DD-4C3F-9DE3-874AF59EA998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5B6E4A-76BC-4407-A034-3D9A7C494226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB7BE780-3755-417F-B789-2CF8E5FB47CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0A2EFD3-C9D7-4852-A159-93265BFED6A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6C5C978-D2A7-4782-ACA1-40EF44D2F5DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "8183106C-7DFE-4523-96EF-451BBF765A53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "022201CB-4E6C-47A4-A517-4E487E825263",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B67C493-D7F4-47F2-B86A-1CB856E934DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBBD110-1B34-4FFB-BB80-F64A83099AAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F6C0FE4-B30E-488A-BD8E-0A32FC809F2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93DD2F0E-F5C5-4F73-977E-9CE81ECD4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94985532-DF29-40BE-B4D2-D1D4D89851FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02E429F9-A1E9-4FB9-AB3D-EE1481B1DADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FD0961-AFC8-4A9E-9942-4C8C0BD50DCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apereo:phpcas:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E197B2B-DFB2-49CF-B13F-7E311358A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en la funci\u00f3n callback en client.php en phpCAS anterior a v1.1.3, cuando el modo proxy est\u00e1 habilitado, permite a atacantes crear o sobreescribir ficheros arbitrarios mediante  secuencias de salto de directorio en el par\u00e1metro Proxy Granting Ticket IOU (PGTiou)."
    }
  ],
  "id": "CVE-2010-3692",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-07T21:00:02.017",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/41878"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42149"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42184"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43427"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2172"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/43585"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/2705"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/2909"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0456"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.jasig.org/browse/PHPCAS-80"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/41878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/43585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.jasig.org/browse/PHPCAS-80"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-86jv-39rm-gf4v

Vulnerability from github

Published

2022-05-13 01:29

Modified

2022-05-13 01:29

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-3692"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-10-07T21:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.",
  "id": "GHSA-86jv-39rm-gf4v",
  "modified": "2022-05-13T01:29:06Z",
  "published": "2022-05-13T01:29:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3692"
    },
    {
      "type": "WEB",
      "url": "https://developer.jasig.org/source/changelog/jasigsvn?cs=21538"
    },
    {
      "type": "WEB",
      "url": "https://forge.indepnet.net/projects/glpi/repository/revisions/12601"
    },
    {
      "type": "WEB",
      "url": "https://issues.jasig.org/browse/PHPCAS-80"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41878"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42149"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42184"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43427"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2172"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/09/29/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/10/01/5"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/43585"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2705"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2909"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0456"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2010-3692 (GCVE-0-2010-3692)

Vulnerability from cvelistv5

gsd-2010-3692

Vulnerability from gsd

fkie_cve-2010-3692

Vulnerability from fkie_nvd

ghsa-86jv-39rm-gf4v

Vulnerability from github

Tags

Sightings

Nomenclature