CVE-2010-2195

{"id": "CVE-2010-2195", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-08-02T20:40:01.013", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298", "source": "cve@mitre.org"}, {"url": "http://security-tracker.debian.org/tracker/CVE-2010-2195", "source": "cve@mitre.org"}, {"url": "http://www.eterna.com.au/bozohttpd", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.eterna.com.au/bozohttpd/CHANGES", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60876", "source": "cve@mitre.org"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security-tracker.debian.org/tracker/CVE-2010-2195", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.eterna.com.au/bozohttpd", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.eterna.com.au/bozohttpd/CHANGES", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60876", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows attackers to cause a denial of service via vectors related to a \"wrong code generation interaction with GCC.\""}, {"lang": "es", "value": "bozotic HTTP server (tambi\u00e9n conocido como bozohttpd) 20090522 a 20100512 permite a atacantes provocar una denegaci\u00f3n de servicio mediante vectores relacionados con un \"wrong code generation interaction with GCC\"."}], "lastModified": "2024-11-21T01:16:08.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eterna:bozohttpd:20090522:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1668326-2B90-4D98-859C-CFDFD7811E13"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20100509:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "620F61ED-B77F-48B7-93EA-7089A9C0BBE9"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20100512:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4F081AF-5022-44B4-BBB7-108374DDFADB"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://www.eterna.com.au/bozohttpd/\r\n\r\n'please note that a bozohttpd versions 20090522 to 20100512, inclusive, have a serious wrong code generation interaction with GCC that has been fixed in the 20100617 release. any one using these versions should upgrade to the 20100617 release, or newer.'", "sourceIdentifier": "cve@mitre.org"}