Vulnerability-Lookup

CVE-2010-2771 (GCVE-0-2010-2771)

Vulnerability from cvelistv5 – Published: 2010-07-22 01:00 – Updated: 2024-09-16 18:54

Summary

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/41653	vdb-entryx_refsource_BID
	http://www.zerodayinitiative.com/advisories/ZDI-10-125/	x_refsource_MISC
	http://publib.boulder.ibm.com/infocenter/soliddb/…	x_refsource_MISC
	http://securitytracker.com/id?1024203	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:46:47.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/41653"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
          },
          {
            "name": "1024203",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024203"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-07-22T01:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "41653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/41653"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
        },
        {
          "name": "1024203",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024203"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2771",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/41653"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
            },
            {
              "name": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html",
              "refsource": "MISC",
              "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
            },
            {
              "name": "1024203",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1024203"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2771",
    "datePublished": "2010-07-22T01:00:00.000Z",
    "dateReserved": "2010-07-21T00:00:00.000Z",
    "dateUpdated": "2024-09-16T18:54:25.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2010-2771",
      "date": "2026-05-07",
      "epss": "0.14405",
      "percentile": "0.94456"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-2771\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-07-22T05:43:58.217\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.\"},{\"lang\":\"es\",\"value\":\"solid.exe en IBM solidDB anterior a v6.5 FP2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un campo de nombre de usuario largo en el primer paquete de negociaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.5.0.1\",\"matchCriteriaId\":\"A348D573-0889-4F70-ACC6-4EA0164E541A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.167:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0DA527-397A-47B4-AB5A-9BBC5A7DAA28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.168:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17BC676A-05D1-4E4E-9D2F-33BCA932F4F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.169:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39D6B29-E377-43C9-AC3B-6AF1C6ADFE54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.173:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40FBFD43-2751-4D92-B193-D0E2069A139C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.175:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55CB9B6C-B28E-42DC-982C-4DCA6A556ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.176:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5D6921F-5C5D-476E-B711-165A0A44FBA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:4.5.178:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DACBCB28-150F-44E2-AA56-EB61A67E4805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:06.00.1018:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"979423E3-2025-4EB2-B1C5-5C6B6A39B745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.0.1060:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52BFE67B-53D1-4D07-A90D-8103C0C06BCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.0.1061:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BAF8235-C7C6-4CBD-89AF-636ADD9F2C51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.0.1064:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"314B1005-9DEA-4F8C-9527-5F6A511A2B66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.0.1065:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E76225E-A7C1-4E52-B2C9-B3D491B2B1DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.0.1066:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D7CFB62-6B88-4A1E-8346-7F7BC8A6B3D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE6F23C-0E59-4B13-9D52-3F47CE99FED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F979E6DD-CFDE-4A16-AC59-A2738A00749C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.3.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CC69E56-801F-4498-8284-A5E3542BE533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.3.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04C078E-F68C-4C01-90B7-E24BA1279402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7CD010-0CF0-4111-A056-40C134367809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.30.0039:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92413864-00FB-42FC-9832-0A6DEB3B078E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.30.0040:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D81C90-1570-448F-8850-F9DC4276253B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:soliddb:6.30.0044:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73F6068-B8B8-468D-8729-DBBEADD3935E\"}]}]}],\"references\":[{\"url\":\"http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1024203\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/41653\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-10-125/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1024203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/41653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-10-125/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-9QP8-XGH5-RQ98

Vulnerability from github – Published: 2022-05-17 05:49 – Updated: 2025-04-11 03:37

Details

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-2771"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-07-22T05:43:00Z",
    "severity": "HIGH"
  },
  "details": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.",
  "id": "GHSA-9qp8-xgh5-rq98",
  "modified": "2025-04-11T03:37:35Z",
  "published": "2022-05-17T05:49:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2771"
    },
    {
      "type": "WEB",
      "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1024203"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/41653"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2010-2771

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

Aliases

CVE-2010-2771

Aliases

CVE-2010-2771

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-2771",
    "description": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.",
    "id": "GSD-2010-2771"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-2771"
      ],
      "details": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.",
      "id": "GSD-2010-2771",
      "modified": "2023-12-13T01:21:31.557789Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-2771",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "41653",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/41653"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
          },
          {
            "name": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html",
            "refsource": "MISC",
            "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
          },
          {
            "name": "1024203",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1024203"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.0.1064:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.0.1061:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.0.1060:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.178:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.175:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.173:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.169:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.168:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.3.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.3.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.30.0039:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.1.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.0.1065:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.176:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.30.0040:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.5.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:4.5.167:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.0.1066:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:06.00.1018:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.30.0044:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:soliddb:6.5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2771"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41653",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/41653"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
            },
            {
              "name": "1024203",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1024203"
            },
            {
              "name": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2010-07-22T05:43Z",
      "publishedDate": "2010-07-22T05:43Z"
    }
  }
}

FKIE_CVE-2010-2771

Vulnerability from fkie_nvd - Published: 2010-07-22 05:43 - Updated: 2026-04-29 01:13

Severity ?

Summary

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

References

	URL	Tags
	cve@mitre.org	http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html
	cve@mitre.org	http://securitytracker.com/id?1024203
	cve@mitre.org	http://www.securityfocus.com/bid/41653
	cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-10-125/
	af854a3a-2127-422b-91ae-364da2661108	http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1024203
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41653
	af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-10-125/

Impacted products

Vendor	Product	Version
ibm	soliddb	*
ibm	soliddb	4.5.167
ibm	soliddb	4.5.168
ibm	soliddb	4.5.169
ibm	soliddb	4.5.173
ibm	soliddb	4.5.175
ibm	soliddb	4.5.176
ibm	soliddb	4.5.178
ibm	soliddb	06.00.1018
ibm	soliddb	6.0.1060
ibm	soliddb	6.0.1061
ibm	soliddb	6.0.1064
ibm	soliddb	6.0.1065
ibm	soliddb	6.0.1066
ibm	soliddb	6.1
ibm	soliddb	6.1.20
ibm	soliddb	6.3.33
ibm	soliddb	6.3.37
ibm	soliddb	6.5.0.0
ibm	soliddb	6.30.0039
ibm	soliddb	6.30.0040
ibm	soliddb	6.30.0044

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A348D573-0889-4F70-ACC6-4EA0164E541A",
              "versionEndIncluding": "6.5.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.167:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0DA527-397A-47B4-AB5A-9BBC5A7DAA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.168:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BC676A-05D1-4E4E-9D2F-33BCA932F4F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.169:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39D6B29-E377-43C9-AC3B-6AF1C6ADFE54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.173:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FBFD43-2751-4D92-B193-D0E2069A139C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.175:*:*:*:*:*:*:*",
              "matchCriteriaId": "55CB9B6C-B28E-42DC-982C-4DCA6A556ACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.176:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D6921F-5C5D-476E-B711-165A0A44FBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:4.5.178:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACBCB28-150F-44E2-AA56-EB61A67E4805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:06.00.1018:*:*:*:*:*:*:*",
              "matchCriteriaId": "979423E3-2025-4EB2-B1C5-5C6B6A39B745",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.0.1060:*:*:*:*:*:*:*",
              "matchCriteriaId": "52BFE67B-53D1-4D07-A90D-8103C0C06BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.0.1061:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAF8235-C7C6-4CBD-89AF-636ADD9F2C51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.0.1064:*:*:*:*:*:*:*",
              "matchCriteriaId": "314B1005-9DEA-4F8C-9527-5F6A511A2B66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.0.1065:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E76225E-A7C1-4E52-B2C9-B3D491B2B1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.0.1066:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D7CFB62-6B88-4A1E-8346-7F7BC8A6B3D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCE6F23C-0E59-4B13-9D52-3F47CE99FED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F979E6DD-CFDE-4A16-AC59-A2738A00749C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.3.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC69E56-801F-4498-8284-A5E3542BE533",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.3.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "B04C078E-F68C-4C01-90B7-E24BA1279402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7CD010-0CF0-4111-A056-40C134367809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.30.0039:*:*:*:*:*:*:*",
              "matchCriteriaId": "92413864-00FB-42FC-9832-0A6DEB3B078E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.30.0040:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D81C90-1570-448F-8850-F9DC4276253B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:soliddb:6.30.0044:*:*:*:*:*:*:*",
              "matchCriteriaId": "F73F6068-B8B8-468D-8729-DBBEADD3935E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet."
    },
    {
      "lang": "es",
      "value": "solid.exe en IBM solidDB anterior a v6.5 FP2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un campo de nombre de usuario largo en el primer paquete de negociaci\u00f3n."
    }
  ],
  "id": "CVE-2010-2771",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-07-22T05:43:58.217",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1024203"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/41653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1024203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/41653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-125/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-2771 (GCVE-0-2010-2771)

GHSA-9QP8-XGH5-RQ98

GSD-2010-2771

FKIE_CVE-2010-2771

Tags

Sightings

Nomenclature