Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3277

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2008-3277
Last Modified 16 Apr 2014 10:57:36
Published 15 Apr 2014 07:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3277

Summary

Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.

Vulnerable Systems

Application

  • Openfabrics Ibutils 1.2-11.2

  • Openfabrics Ibutils 1.5.7-2


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=457935

REDHAT - RHSA-2012:0311

Related Patches

Red Hat 2012:0311-03 RHSA Low: ibutils security and bug fix update for RHEL 5 x86

Red Hat 2012:0311-03 RHSA Low: ibutils security and bug fix update for RHEL 5 x86_64


Last Updated: 27 May 2016 11:05:00