Lucene search

[email protected]CVE-2008-4638

HistoryOct 21, 2008 - 6:00 p.m.

CVE-2008-4638

2008-10-2118:00:00

CWE-200

[email protected]

web.nvd.nist.gov

vxfs

qioadmin

symantec

veritas

file system

hp-ux

solaris

linux

aix

cve-2008-4638

nvd

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file’s content to standard error in an error message.

CPENameOperatorVersion
symantec:veritas_file_systemsymantec veritas file systemeq5.0
symantec:veritas_file_systemsymantec veritas file systemequnknown

CPE	Name	Operator	Version
symantec:veritas_file_system	symantec veritas file system	eq	5.0
symantec:veritas_file_system	symantec veritas file system	eq	unknown

References

seer.entsupport.symantec.com/docs/310872.htm

www.security-objectives.com/advisories/SECOBJSADV-2008-05.txt

www.securityfocus.com/archive/1/497675/100/0/threaded

www.securityfocus.com/bid/31679

www.symantec.com/avcenter/security/Content/2008.10.20.html

www.vupen.com/english/advisories/2008/2875

exchange.xforce.ibmcloud.com/vulnerabilities/46009

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-4638

securityvulns2 prion1