Lucene search

[email protected]NVD:CVE-2008-4313

HistoryNov 27, 2008 - 12:30 a.m.

CVE-2008-4313

2008-11-2700:30:00

CWE-264

[email protected]

web.nvd.nist.gov

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.5%

JSON

A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.

Affected configurations

NVD

Node

redhatenterprise_linuxMatch5.0server

redhatenterprise_linux_desktopMatch5.0client

AND

openpegasusopenpegasus_wbemMatch2.7.0

References

osvdb.org/50277

secunia.com/advisories/32862

www.redhat.com/support/errata/RHSA-2008-1001.html

www.securityfocus.com/bid/32460

www.securitytracker.com/id?1021283

admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9

admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10

bugzilla.redhat.com/show_bug.cgi?id=459217

exchange.xforce.ibmcloud.com/vulnerabilities/46829

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9556

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.5%

JSON

Related for NVD:CVE-2008-4313

veracode1 prion1 cve1 cvelist1 openvas3 oraclelinux1 redhat1 nessus4 centos1