mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 01:16
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.osgeo.org/pipermail/mapserver-users/2010-July/066052.html - | |
References | () http://marc.info/?l=oss-security&m=127973381215859&w=2 - | |
References | () http://marc.info/?l=oss-security&m=127973754121922&w=2 - | |
References | () http://trac.osgeo.org/mapserver/ticket/3485 - | |
References | () http://www.securityfocus.com/bid/41855 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/60852 - |
01 Jun 2021, 13:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:umn:mapserver:4.10.4:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10.2:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:beta4:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.6.0:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.6.0:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.8:rc2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.6.0:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:beta3:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.1:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.8:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.6.0:beta3:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.8:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.2:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta6:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.6.1:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta5:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.8:rc1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10:rc1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10:beta3:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10.0:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:beta3:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:beta4:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:rc2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10.3:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.4.0:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.4.0:beta2:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:4.10.1:*:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:beta1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.2.0:rc1:*:*:*:*:*:* cpe:2.3:a:umn:mapserver:5.4.0:rc1:*:*:*:*:*:* |
cpe:2.3:a:osgeo:mapserver:4.10.2:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:rc2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.6.1:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.8.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta6:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.6.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.2:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.6.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.1:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.0:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:rc1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.4.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.4.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:beta4:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.8.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:rc1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.8.0:rc2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.8.0:rc1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.6.0:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:beta4:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.8.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta5:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.3:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.1:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.0:beta3:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.1:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.0:rc1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.2.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:*:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.6.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.0:beta2:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:5.4.0:beta1:*:*:*:*:*:* cpe:2.3:a:osgeo:mapserver:4.10.4:*:*:*:*:*:*:* |
28 May 2021, 18:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:osgeo:mapserver:4.2.0:beta1:*:*:*:*:*:* |
Information
Published : 2010-08-02 22:00
Updated : 2024-11-21 01:16
NVD link : CVE-2010-2540
Mitre link : CVE-2010-2540
CVE.ORG link : CVE-2010-2540
JSON object : View
Products Affected
umn
- mapserver
osgeo
- mapserver
CWE
CWE-264
Permissions, Privileges, and Access Controls