Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2359

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-2359
Last Modified 10 Feb 2009 12:00:00
Published 02 Jun 2008 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-2359

Summary

The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.

Vulnerable Systems

Operating System

  • Fedora 8 Consolehelper 1.4.4

  • Fedora 8 Consolehelper 1.4.5

  • Fedora 8 Consolehelper 1.4.6

  • Fedora 8 Consolehelper 1.4.7

  • Fedora 8 Consolehelper 1.5.0

  • Fedora 8 Consolehelper 1.5.1

  • Fedora 8 Consolehelper 1.5.10

  • Fedora 8 Consolehelper 1.5.2

  • Fedora 8 Consolehelper 1.5.3

  • Fedora 8 Consolehelper 1.5.4

  • Fedora 8 Consolehelper 1.5.5

  • Fedora 8 Consolehelper 1.5.6

  • Fedora 8 Consolehelper 1.5.7

  • Fedora 8 Consolehelper 1.5.8

  • Fedora 8 Consolehelper 1.5.9

  • Redhat Fedora 8 1.4.4

  • Redhat Fedora 8 1.4.5

  • Redhat Fedora 8 1.4.6

  • Redhat Fedora 8 1.4.7

  • Redhat Fedora 8 1.5.

  • Redhat Fedora 8 1.5.0

  • Redhat Fedora 8 1.5.1

  • Redhat Fedora 8 1.5.10

  • Redhat Fedora 8 1.5.2

  • Redhat Fedora 8 1.5.3

  • Redhat Fedora 8 1.5.4

  • Redhat Fedora 8 1.5.5

  • Redhat Fedora 8 1.5.6

  • Redhat Fedora 8 1.5.7

  • Redhat Fedora 8 1.5.8

  • Redhat Fedora 8 1.5.9


References

FEDORA - FEDORA-2008-4633

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=448557

XF - fedora-consolehelper-privilege-escalation(42867)

SECUNIA - 30399


Last Updated: 27 May 2016 10:47:50