Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2008-4865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current...

7.2CVSS6AI score0.00433EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.17 views

SuSE 10 Security Update : valgrind (ZYPP Patch Number 5803)

valgrind reads a file .valgrindrc in the current directory. Therefore local users could place such a file a world-writable directory such as /tmp and influence other users' valgrind when it's executed there. CVE-2008-4865 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description o...

7.2CVSS5.3AI score0.00433EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.24 views

openSUSE Security Update : valgrind (valgrind-321)

valgrind reads a file .valgrindrc in the current directory. Therefore local users could place such a file a world-writable directory such as /tmp and influence other users' valgrind when it's executed there CVE-2008-4865. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.2CVSS5.3AI score0.00433EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/12/01 12:0 a.m.28 views

openSUSE 10 Security Update : valgrind (valgrind-5809)

valgrind reads a file .valgrindrc in the current directory. Therefore local users could place such a file a world-writable directory such as /tmp and influence other users' valgrind when it's executed there CVE-2008-4865. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.2CVSS5.3AI score0.00433EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2008/11/01 12:0 a.m.20 views

CVE-2008-4865

Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...

7.2CVSS6.3AI score0.00433EPSS
Exploits0References1
CVE
CVE
added 2008/10/31 10:0 p.m.72 views

CVE-2008-4865

CVE-2008-4865 concerns Valgrind prior to version 3.4.0. The vulnerability is an untrusted search path issue: a Trojan horse named ".valgrindrc" in the current working directory can be read by Valgrind, allowing a local user to influence execution (e.g., via a malicious --db-command). The availabl...

7.2CVSS6.6AI score0.00433EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder