TROYANOSYVIRUS
Back to CVEs

CVE-2010-2953

N/A

Description

Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory.

CVE Details

CVSS v3.1 ScoreN/A
Published9/14/2010
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0

Affected Products

apache:couchdb

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594412(secalert@redhat.com)
http://secunia.com/advisories/41383(secalert@redhat.com)
http://www.debian.org/security/2010/dsa-2107(secalert@redhat.com)
http://www.nth-dimension.org.uk/blog.php?id=87(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/08/25/7(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/08/26/1(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/08/26/5(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2010/08/29/4(secalert@redhat.com)
http://www.securityfocus.com/bid/42758(secalert@redhat.com)
http://www.vupen.com/english/advisories/2010/2341(secalert@redhat.com)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594412(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/41383(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2010/dsa-2107(af854a3a-2127-422b-91ae-364da2661108)
http://www.nth-dimension.org.uk/blog.php?id=87(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/08/25/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/08/26/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/08/26/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/08/29/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/42758(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/2341(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.