{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2010-05-18T00:00:00.000Z","descriptions":[{"lang":"en","value":"Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-10T18:57:01.000Z","orgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","shortName":"hp"},"references":[{"name":"64729","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/64729"},{"name":"IZ75440","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75440"},{"name":"39911","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39911"},{"tags":["x_refsource_CONFIRM"],"url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088"},{"name":"oval:org.mitre.oval:def:11986","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986"},{"name":"40248","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/40248"},{"name":"1023994","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1023994"},{"name":"IZ75369","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75369"},{"name":"ADV-2010-1213","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1213"},{"name":"IZ73757","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73757"},{"name":"IZ73599","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73599"},{"tags":["x_refsource_MISC"],"url":"http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html"},{"name":"20100520 HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/511405/100/0/threaded"},{"name":"HPSBUX02523","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"oval:org.mitre.oval:def:12103","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103"},{"name":"IZ75465","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75465"},{"name":"IZ73874","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73874"},{"name":"SSRT100036","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"ADV-2010-1199","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1199"},{"name":"39835","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/39835"},{"name":"hpux-nfsoncplus-privilege-escalation(58718)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58718"},{"name":"1024016","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1024016"},{"name":"ADV-2010-1212","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1212"},{"name":"ADV-2010-1211","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2010/1211"},{"tags":["x_refsource_CONFIRM"],"url":"http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc"},{"name":"IZ73590","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73590"},{"name":"IZ73681","tags":["vendor-advisory","x_refsource_AIXAPAR"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73681"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"hp-security-alert@hp.com","ID":"CVE-2010-1039","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"64729","refsource":"OSVDB","url":"http://osvdb.org/64729"},{"name":"IZ75440","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75440"},{"name":"39911","refsource":"SECUNIA","url":"http://secunia.com/advisories/39911"},{"name":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088","refsource":"CONFIRM","url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088"},{"name":"oval:org.mitre.oval:def:11986","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986"},{"name":"40248","refsource":"BID","url":"http://www.securityfocus.com/bid/40248"},{"name":"1023994","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1023994"},{"name":"IZ75369","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75369"},{"name":"ADV-2010-1213","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/1213"},{"name":"IZ73757","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73757"},{"name":"IZ73599","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73599"},{"name":"http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html","refsource":"MISC","url":"http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html"},{"name":"20100520 HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/511405/100/0/threaded"},{"name":"HPSBUX02523","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"oval:org.mitre.oval:def:12103","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103"},{"name":"IZ75465","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75465"},{"name":"IZ73874","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73874"},{"name":"SSRT100036","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"ADV-2010-1199","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/1199"},{"name":"39835","refsource":"SECUNIA","url":"http://secunia.com/advisories/39835"},{"name":"hpux-nfsoncplus-privilege-escalation(58718)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58718"},{"name":"1024016","refsource":"SECTRACK","url":"http://securitytracker.com/id?1024016"},{"name":"ADV-2010-1212","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/1212"},{"name":"ADV-2010-1211","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2010/1211"},{"name":"http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc","refsource":"CONFIRM","url":"http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc"},{"name":"IZ73590","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73590"},{"name":"IZ73681","refsource":"AIXAPAR","url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73681"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T01:06:52.691Z"},"title":"CVE Program Container","references":[{"name":"64729","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/64729"},{"name":"IZ75440","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75440"},{"name":"39911","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39911"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088"},{"name":"oval:org.mitre.oval:def:11986","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986"},{"name":"40248","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/40248"},{"name":"1023994","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1023994"},{"name":"IZ75369","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75369"},{"name":"ADV-2010-1213","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1213"},{"name":"IZ73757","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73757"},{"name":"IZ73599","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73599"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html"},{"name":"20100520 HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/511405/100/0/threaded"},{"name":"HPSBUX02523","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"oval:org.mitre.oval:def:12103","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103"},{"name":"IZ75465","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ75465"},{"name":"IZ73874","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73874"},{"name":"SSRT100036","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=127428077629933&w=2"},{"name":"ADV-2010-1199","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1199"},{"name":"39835","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/39835"},{"name":"hpux-nfsoncplus-privilege-escalation(58718)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/58718"},{"name":"1024016","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1024016"},{"name":"ADV-2010-1212","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1212"},{"name":"ADV-2010-1211","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2010/1211"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc"},{"name":"IZ73590","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73590"},{"name":"IZ73681","tags":["vendor-advisory","x_refsource_AIXAPAR","x_transferred"],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ73681"}]}]},"cveMetadata":{"assignerOrgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","assignerShortName":"hp","cveId":"CVE-2010-1039","datePublished":"2010-05-20T17:00:00.000Z","dateReserved":"2010-03-19T00:00:00.000Z","dateUpdated":"2024-08-07T01:06:52.691Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}