Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4638

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2008-4638
Last Modified 10 Aug 2011 12:00:00
Published 21 Oct 2008 02:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-4638

Summary

qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file's content to standard error in an error message.

Vulnerable Systems

Application

  • Symantec Veritas File System 5.0

  • Symantec Veritas File System Unknown


References

CONFIRM - http://www.symantec.com/avcenter/security/Content/2008.10.20.html

CONFIRM - http://seer.entsupport.symantec.com/docs/310872.htm

XF - symantec-vxfs-qioadmin-info-disclosure(46009)

VUPEN - ADV-2008-2875

BID - 31679

BUGTRAQ - 20081022 SECOBJADV-2008-05: Symantec Veritas Storage Foundation Arbitrary File Read Vulnerability

MISC - http://www.security-objectives.com/advisories/SECOBJSADV-2008-05.txt


Last Updated: 27 May 2016 10:48:34