Lucene search
HistoryNov 26, 2008 - 11:30 p.m.
CVE-2008-2378
cve-2008-2378
untrusted search path vulnerability
hfkernel
hf 0.7.3
hf 0.8
local users
privileges
trojan horse
killall program
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
Affected configurations
Node
hfhfMatch0.7.3
ORhfhfMatch0.8
Related
ubuntucve
ubuntucve
CVE-2008-2378
2008-11-26 00:00:00
nessus
nessus
Debian DSA-1668-1 : hf - programming error
2008-11-24 00:00:00
cvelist
cvelist
CVE-2008-2378
2008-11-26 23:00:00
debian
debian
[SECURITY] [DSA 1668-1] New hf packages fix execution of arbitrary code
2008-11-22 10:59:48
openvas
openvas
Debian Security Advisory DSA 1668-1 (hf)
2008-11-24 00:00:00
Debian: Security Advisory (DSA-1668-1)
2008-11-24 00:00:00
nvd
nvd
CVE-2008-2378
2008-11-26 23:30:00
prion
prion
Design/Logic Flaw
2008-11-26 23:30:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-2378