Vulnerability Name:

CVE-2010-4803 (CCN-67258)

Assigned:2011-04-15
Published:2011-04-15
Updated:2011-08-27
Summary:Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Other
References:Source: CONFIRM
Type: Patch
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952

Source: CONFIRM
Type: UNKNOWN
http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.20/Changes

Source: MITRE
Type: CNA
CVE-2010-4803

Source: DEBIAN
Type: UNKNOWN
DSA-2239

Source: DEBIAN
Type: DSA-2239
libmojolicious-perl -- several vulnerabilities

Source: CCN
Type: Mojolicious Web site
Mojolicious

Source: CCN
Type: OSVDB ID: 72453
Mojolicious HMAC-MD5 Checksum Weakness Unspecified Issue

Source: CCN
Type: BID-47714
Mojolicious CVE-2010-4803 HMAC-MD5 Checksums Unspecified Vulnerability

Source: XF
Type: UNKNOWN
mojolicious-hmacmd5-unspecified(67258)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:*:*:*:*:*:*:*:* (Version <= 0.999926)

    • Configuration CCN 1:
  • cpe:/a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:12316
    P
    		DSA-2239-1 libmojolicious-perl -- several
    2014-07-21
    BACK
    mojolicious mojolicious 0.2
    mojolicious mojolicious 0.3
    mojolicious mojolicious 0.4
    mojolicious mojolicious 0.5
    mojolicious mojolicious 0.6
    mojolicious mojolicious 0.7
    mojolicious mojolicious 0.8
    mojolicious mojolicious 0.8.1
    mojolicious mojolicious 0.8.2
    mojolicious mojolicious 0.8.3
    mojolicious mojolicious 0.8.4
    mojolicious mojolicious 0.8.5
    mojolicious mojolicious 0.9
    mojolicious mojolicious 0.8006
    mojolicious mojolicious 0.8007
    mojolicious mojolicious 0.8008
    mojolicious mojolicious 0.8009
    mojolicious mojolicious 0.9001
    mojolicious mojolicious 0.9002
    mojolicious mojolicious 0.991231
    mojolicious mojolicious 0.991232
    mojolicious mojolicious 0.991233
    mojolicious mojolicious 0.991234
    mojolicious mojolicious 0.991235
    mojolicious mojolicious 0.991236
    mojolicious mojolicious 0.991237
    mojolicious mojolicious 0.991238
    mojolicious mojolicious 0.991239
    mojolicious mojolicious 0.991240
    mojolicious mojolicious 0.991241
    mojolicious mojolicious 0.991242
    mojolicious mojolicious 0.991243
    mojolicious mojolicious 0.991244
    mojolicious mojolicious 0.991245
    mojolicious mojolicious 0.991246
    mojolicious mojolicious 0.991250
    mojolicious mojolicious 0.991251
    mojolicious mojolicious 0.999901
    mojolicious mojolicious 0.999902
    mojolicious mojolicious 0.999903
    mojolicious mojolicious 0.999904
    mojolicious mojolicious 0.999905
    mojolicious mojolicious 0.999906
    mojolicious mojolicious 0.999907
    mojolicious mojolicious 0.999908
    mojolicious mojolicious 0.999909
    mojolicious mojolicious 0.999910
    mojolicious mojolicious 0.999911
    mojolicious mojolicious 0.999912
    mojolicious mojolicious 0.999913
    mojolicious mojolicious 0.999914
    mojolicious mojolicious 0.999920
    mojolicious mojolicious 0.999921
    mojolicious mojolicious 0.999922
    mojolicious mojolicious 0.999923
    mojolicious mojolicious 0.999924
    mojolicious mojolicious 0.999925
    mojolicious mojolicious *
    mojolicious mojolicious 0.999926
    mojolicious mojolicious 0.999925
    mojolicious mojolicious 0.999924
    mojolicious mojolicious 0.999923
    mojolicious mojolicious 0.999922
    mojolicious mojolicious 0.999921
    mojolicious mojolicious 0.999920
    mojolicious mojolicious 0.999914
    mojolicious mojolicious 0.999912
    mojolicious mojolicious 0.999913
    mojolicious mojolicious 0.999910
    mojolicious mojolicious 0.999911
    mojolicious mojolicious 0.999908
    mojolicious mojolicious 0.999909
    mojolicious mojolicious 0.999906
    mojolicious mojolicious 0.999907
    mojolicious mojolicious 0.999904
    mojolicious mojolicious 0.999905
    mojolicious mojolicious 0.999902
    mojolicious mojolicious 0.999903
    mojolicious mojolicious 0.991251
    mojolicious mojolicious 0.999901
    mojolicious mojolicious 0.991246
    mojolicious mojolicious 0.991250
    mojolicious mojolicious 0.991239
    mojolicious mojolicious 0.991238
    mojolicious mojolicious 0.991241
    mojolicious mojolicious 0.991240
    mojolicious mojolicious 0.991243
    mojolicious mojolicious 0.991242
    mojolicious mojolicious 0.991245
    mojolicious mojolicious 0.991244
    mojolicious mojolicious 0.991231
    mojolicious mojolicious 0.9002
    mojolicious mojolicious 0.991233
    mojolicious mojolicious 0.991232
    mojolicious mojolicious 0.991235
    mojolicious mojolicious 0.991234
    mojolicious mojolicious 0.991237
    mojolicious mojolicious 0.991236
    mojolicious mojolicious 0.8.4
    mojolicious mojolicious 0.8.5
    mojolicious mojolicious 0.8006
    mojolicious mojolicious 0.8007
    mojolicious mojolicious 0.8008
    mojolicious mojolicious 0.8009
    mojolicious mojolicious 0.9
    mojolicious mojolicious 0.9001
    mojolicious mojolicious 0.4
    mojolicious mojolicious 0.5
    mojolicious mojolicious 0.6
    mojolicious mojolicious 0.7
    mojolicious mojolicious 0.8
    mojolicious mojolicious 0.8.1
    mojolicious mojolicious 0.8.2
    mojolicious mojolicious 0.8.3
    mojolicious mojolicious 0.3
    mojolicious mojolicious 0.2