UBUNTU-CVE-2017-10140
- Source
- https://ubuntu.com/security/CVE-2017-10140
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-10140.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2017-10140
- Upstream
- Downstream
- Related
- Published
- 2017-08-14T00:00:00Z
- Modified
- 2025-09-08T16:44:18Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.
- References
Affected packages
Ubuntu:14.04:LTS / db5.3
Package
- Name
- db5.3
- Purl
- pkg:deb/ubuntu/db5.3@5.3.28-3ubuntu3.1?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.28-3ubuntu3.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "db5.3-sql-util"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "db5.3-util"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3++"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3++-dev"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-dev"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-java"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-java-dev"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-java-gcj"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-java-jni"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-sql"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-sql-dev"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-stl"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-stl-dev"
},
{
"binary_version": "5.3.28-3ubuntu3.1",
"binary_name": "libdb5.3-tcl"
}
],
"availability": "No subscription required"
}
Ubuntu:16.04:LTS / db5.3
Package
- Name
- db5.3
- Purl
- pkg:deb/ubuntu/db5.3@5.3.28-11ubuntu0.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.28-11ubuntu0.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "db5.3-sql-util"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "db5.3-util"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3++"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3++-dev"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-dev"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-java"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-java-dev"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-java-gcj"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-java-jni"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-sql"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-sql-dev"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-stl"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-stl-dev"
},
{
"binary_version": "5.3.28-11ubuntu0.1",
"binary_name": "libdb5.3-tcl"
}
],
"availability": "No subscription required"
}
Ubuntu:18.04:LTS / db5.3
Package
- Name
- db5.3
- Purl
- pkg:deb/ubuntu/db5.3@5.3.28-13.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.28-13.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "5.3.28-13.1",
"binary_name": "db5.3-sql-util"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "db5.3-util"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3++"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3++-dev"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-dev"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-java"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-java-dev"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-java-jni"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-sql"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-sql-dev"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-stl"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-stl-dev"
},
{
"binary_version": "5.3.28-13.1",
"binary_name": "libdb5.3-tcl"
}
],
"availability": "No subscription required"
}