CVE-2010-0935

Sažetak

Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.

Reference

http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.html
http://www.perforce.com/perforce/doc.current/manuals/cmdref/protect.html
http://www.securityfocus.com/bid/36261

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-03-2010 - 05:00

Objavljeno

05-03-2010 - 19:30