Lucene search

PRIOn knowledge basePRION:CVE-2008-3248

HistoryOct 21, 2008 - 6:00 p.m.

Information disclosure

2008-10-2118:00:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files.

CPENameOperatorVersion
veritas_file_systemeq5.0 mp2-aix
veritas_file_systemeq5.0 mp2-linux
veritas_file_systemeq5.0 mp2-solaris

Name	Operator	Version
veritas_file_system	eq	5.0 mp2-aix
veritas_file_system	eq	5.0 mp2-linux
veritas_file_system	eq	5.0 mp2-solaris

References

secunia.com/advisories/32332

seer.entsupport.symantec.com/docs/310872.htm

www.security-objectives.com/advisories/SECOBJADV-2008-04.txt

www.security-objectives.com/advisories/SECOBJSADV-2008-04.txt

www.securityfocus.com/archive/1/497626/100/0/threaded

www.securityfocus.com/bid/31678

www.securitytracker.com/id?1021074

www.symantec.com/avcenter/security/Content/2008.10.20.html

www.vupen.com/english/advisories/2008/2875

exchange.xforce.ibmcloud.com/vulnerabilities/46008

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2008-3248