CVE-2010-2059

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file.

References

http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz

http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://lists.vmware.com/pipermail/security-announce/2011/000126.html

http://marc.info/?l=oss-security&m=127559059928131&w=2

http://rpm.org/gitweb?p=rpm.git;a=commit;h=ca2d6b2b484f1501eafdde02e1688409340d2383

http://secunia.com/advisories/40028

http://www.mandriva.com/security/advisories?name=MDVSA-2010:180

http://www.openwall.com/lists/oss-security/2010/06/02/2

http://www.openwall.com/lists/oss-security/2010/06/02/3

http://www.openwall.com/lists/oss-security/2010/06/03/5

http://www.openwall.com/lists/oss-security/2010/06/04/1

http://www.osvdb.org/65143

http://www.redhat.com/support/errata/RHSA-2010-0679.html

http://www.securityfocus.com/archive/1/516909/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2011-0004.html

http://www.vupen.com/english/advisories/2011/0606

https://bugzilla.redhat.com/show_bug.cgi?id=125517

https://bugzilla.redhat.com/show_bug.cgi?id=598775

Details

Source: MITRE

Published: 2010-06-08

Updated: 2018-10-10

Type: CWE-264

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:rpm:rpm:1.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.2\/a:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:1.4.7:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2..4.10:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.10:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.0.11:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.9:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.10:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.2.11:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.7:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.8:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.3.9:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.8:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.9:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.11:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.4.12:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.5.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:2.6.7:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.0.:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.4.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:* versions up to 4.4.2.3 (inclusive)

Configuration 2

OR

cpe:2.3:a:rpm:rpm:4.6.0:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.6.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.7.0:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.7.1:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.7.2:*:*:*:*:*:*:*

cpe:2.3:a:rpm:rpm:4.8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (22 total)

IDNameProductFamilySeverity
89675VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)NessusMisc.
high
89105VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (remote check)NessusMisc.
high
68096Oracle Linux 5 : rpm (ELSA-2010-0679)NessusOracle Linux Local Security Checks
high
68095Oracle Linux 4 : rpm (ELSA-2010-0678)NessusOracle Linux Local Security Checks
high
60852Scientific Linux Security Update : rpm on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
60851Scientific Linux Security Update : rpm on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
59679GLSA-201206-26 : RPM: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
57749VMSA-2012-0001 : VMware ESXi and ESX updates to third-party library and ESX Service ConsoleNessusVMware ESX Local Security Checks
high
52582VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.NessusVMware ESX Local Security Checks
high
51631SuSE 11.1 Security Update : rpm (SAT Patch Number 3678)NessusSuSE Local Security Checks
high
50957SuSE 11 / 11.1 Security Update : popt (SAT Patch Numbers 2647 / 2648)NessusSuSE Local Security Checks
high
49917SuSE 10 Security Update : popt (ZYPP Patch Number 7069)NessusSuSE Local Security Checks
high
49267openSUSE Security Update : rpm (openSUSE-SU-2010:0627-1)NessusSuSE Local Security Checks
high
49265openSUSE Security Update : popt (openSUSE-SU-2010:0629-1)NessusSuSE Local Security Checks
high
49209Mandriva Linux Security Advisory : rpm (MDVSA-2010:180)NessusMandriva Local Security Checks
high
49204CentOS 5 : rpm (CESA-2010:0679)NessusCentOS Local Security Checks
high
49180CentOS 4 : rpm (CESA-2010:0678)NessusCentOS Local Security Checks
high
49131RHEL 5 : rpm (RHSA-2010:0679)NessusRed Hat Local Security Checks
high
49130RHEL 4 : rpm (RHSA-2010:0678)NessusRed Hat Local Security Checks
high
47820openSUSE Security Update : popt (openSUSE-SU-2010:0428-1)NessusSuSE Local Security Checks
high
47676Fedora 13 : rpm-4.8.1-2.fc13 (2010-9829)NessusFedora Local Security Checks
high
47611Fedora 12 : rpm-4.7.2-2.fc12 (2010-10617)NessusFedora Local Security Checks
high