Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2010-4052

UNKNOWN

Published 2011-01-13T18:35:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2010-4052. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-xq2p-cgwj-87m3

Advisory Details

Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2010-4052

WEB https://bugzilla.redhat.com/show_bug.cgi?id=645859

WEB http://cxib.net/stuff/proftpd.gnu.c

WEB http://seclists.org/fulldisclosure/2011/Jan/78

WEB http://secunia.com/advisories/42547

WEB http://securityreason.com/achievement_securityalert/93

WEB http://securityreason.com/securityalert/8003

WEB http://securitytracker.com/id?1024832

WEB http://www.exploit-db.com/exploits/15935

WEB http://www.kb.cert.org/vuls/id/912279

WEB http://www.securityfocus.com/archive/1/515589/100/0/threaded

WEB http://www.securityfocus.com/bid/45233

Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: May 14, 2022

References

http://secunia.com/advisories/42547

http://securitytracker.com/id?1024832

http://seclists.org/fulldisclosure/2011/Jan/78

http://www.kb.cert.org/vuls/id/912279

http://www.securityfocus.com/bid/45233

http://www.securityfocus.com/archive/1/515589/100/0/threaded

http://cxib.net/stuff/proftpd.gnu.c

http://www.exploit-db.com/exploits/15935

http://securityreason.com/securityalert/8003

http://securityreason.com/achievement_securityalert/93

https://bugzilla.redhat.com/show_bug.cgi?id=645859

HackerOne Reports

Container scanning and Dependency scanning report leaked to unauthorized users Medium

xanbanx

GitLab

Improper Access Control - Generic

Published: 2011-01-13T18:35:00

Last Modified: 2024-08-07T03:34:37.250Z

Copied to clipboard!