Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-5135
HistoryNov 18, 2008 - 4:00 p.m.

CVE-2008-5135

2008-11-1816:00:01
CWE-59
[email protected]
web.nvd.nist.gov
3

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON

os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/mounted-map or (2) /tmp/raided-map temporary file. NOTE: the vendor disputes this issue, stating "the insecure code path should only ever run inside a d-i environment, which has no non-root users.

Affected configurations

Nvd
Node
debianos-proberMatch1.17
VendorProductVersionCPE
debianos-prober1.17cpe:2.3:a:debian:os-prober:1.17:*:*:*:*:*:*:*

Related

cvelist 1
ubuntucve 1
debiancve 1
cve 1
prion 1
avleonov 1
cvelist
cvelist
CVE-2008-5135
2008-11-18 15:00:00
ubuntucve
ubuntucve
CVE-2008-5135
2008-11-18 00:00:00
debiancve
debiancve
CVE-2008-5135
2008-11-18 16:00:01
cve
cve
CVE-2008-5135
2008-11-18 16:00:01
prion
prion
Design/Logic Flaw
2008-11-18 16:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2008-5135
cvelist1ubuntucve1debiancve1cve1prion1avleonov1