Lucene search

[email protected]CVE-2008-2234

HistoryAug 18, 2008 - 5:41 p.m.

CVE-2008-2234

2008-08-1817:41:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-2234

openwsman

buffer overflow

remote code execution

nvd

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.176 Low

EPSS

Percentile

96.1%

JSON

Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted “Authorization: Basic” HTTP header.

CPENameOperatorVersion
openwsman:openwsmanopenwsmaneq1.2.0
openwsman:openwsmanopenwsmaneq2.0.0

CPE	Name	Operator	Version
openwsman:openwsman	openwsman	eq	1.2.0
openwsman:openwsman	openwsman	eq	2.0.0

References

lists.opensuse.org/opensuse-security-announce/2008-08/msg00003.html

lists.vmware.com/pipermail/security-announce/2008/000034.html

secunia.com/advisories/31410

secunia.com/advisories/31429

secunia.com/advisories/31942

www.securityfocus.com/archive/1/496528/100/0/threaded

www.securityfocus.com/bid/30694

www.vmware.com/security/advisories/VMSA-2008-0015.html

www.vupen.com/english/advisories/2008/2397

www.vupen.com/english/advisories/2008/2624

exchange.xforce.ibmcloud.com/vulnerabilities/44481

exchange.xforce.ibmcloud.com/vulnerabilities/44484

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.176 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2008-2234

saint4 nessus3 cvelist1 vmware2 checkpoint_advisories3 prion1 securityvulns2 seebug1 suse1 openvas1