Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2378

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-2378
Last Modified 03 Dec 2008 01:39:43
Published 26 Nov 2008 06:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-2378

Summary

Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.

Vulnerable Systems

Application

  • Hf 0.7.3

  • Hf 0.8


References

BID - 32421

DEBIAN - DSA-1668

SECUNIA - 32855

XF - hf-hfkernel-privilege-escalation(46806)

SECUNIA - 32831

OSVDB - 50231

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182


Last Updated: 27 May 2016 10:47:50