DEBIAN-CVE-2010-0015

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2010-0015

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2010-0015.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2010-0015

Upstream

CVE-2010-0015

Published

2010-01-14T18:30:00Z

Modified

2025-09-19T06:04:14Z

Summary

[none]

Details

nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.

References

https://security-tracker.debian.org/tracker/CVE-2010-0015

Affected packages

Debian:11 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.2-4

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.2-4

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.2-4

Ecosystem specific

{
    "urgency": "medium"
}

Debian:14 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.2-4

Ecosystem specific

{
    "urgency": "medium"
}