Lucene search
HistoryJul 18, 2008 - 4:41 p.m.
CVE-2008-3229
cve
2008
3229
buffer overflow
op
changeset 563
xauth
privilege escalation
nvd
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable.
Affected configurations
Node
swapoffopMatch1.1.10
ORswapoffopMatch1.1.19
ORswapoffopMatch1.20
ORswapoffopMatch1.21
ORswapoffopMatch1.22
ORswapoffopMatch1.23
ORswapoffopMatch1.24
ORswapoffopMatch1.25
ORswapoffopMatch1.26
ORswapoffopMatch1.27
ORswapoffopMatch1.28
ORswapoffopMatch1.29
ORswapoffopMatch1.30
ORswapoffopMatch1.31
ORswapoffopMatch1.32
References
Social References
More
Related
ubuntucve
ubuntucve
CVE-2008-3229
2008-07-18 00:00:00
cvelist
cvelist
CVE-2008-3229
2008-07-18 16:00:00
prion
prion
Stack overflow
2008-07-18 16:41:00
nvd
nvd
CVE-2008-3229
2008-07-18 16:41:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2008-3229