// For flags

CVE-2010-0292

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, a related issue to CVE-2009-3563.

La función read_from_cmd_socket function en cmdmon.c en chronyd en Chrony anterior a v1.23.1, y v1.24-pre1, permite a atacantes remotos provocar una denegación de servicio (Consumo de CPU y ancho de banda) mediante el envío de un paquete cmdmon modificado que provoca un intercambio continuo de mensajes NOHOSTACCESS entre dos demonios. Relacionado con CVE-2009-3563.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-01-12 CVE Reserved
  • 2010-02-05 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
<= 1.23-pre1
Search vendor "Tuxfamily" for product "Chrony" and version " <= 1.23-pre1"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.18
Search vendor "Tuxfamily" for product "Chrony" and version "1.18"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.19
Search vendor "Tuxfamily" for product "Chrony" and version "1.19"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.19-1
Search vendor "Tuxfamily" for product "Chrony" and version "1.19-1"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.19.99.1
Search vendor "Tuxfamily" for product "Chrony" and version "1.19.99.1"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.19.99.2
Search vendor "Tuxfamily" for product "Chrony" and version "1.19.99.2"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.19.99.3
Search vendor "Tuxfamily" for product "Chrony" and version "1.19.99.3"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.20
Search vendor "Tuxfamily" for product "Chrony" and version "1.20"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.21
Search vendor "Tuxfamily" for product "Chrony" and version "1.21"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.21-pre1
Search vendor "Tuxfamily" for product "Chrony" and version "1.21-pre1"
-
Affected
Tuxfamily
Search vendor "Tuxfamily"
Chrony
Search vendor "Tuxfamily" for product "Chrony"
1.24-pre1
Search vendor "Tuxfamily" for product "Chrony" and version "1.24-pre1"
-
Affected