Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-4190

Опубликовано: 24 сент. 2008
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.4

Описание

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

1:2.4.12+dfsg-1.3
feisty

ignored

end of life, was needed
gutsy

ignored

end of life, was needed
hardy

ignored

end of life
intrepid

not-affected

1:2.4.12+dfsg-1.3
jaunty

not-affected

1:2.4.12+dfsg-1.3
karmic

not-affected

1:2.4.12+dfsg-1.3
lucid

not-affected

1:2.4.12+dfsg-1.3
maverick

not-affected

1:2.4.12+dfsg-1.3

Показывать по

Ссылки на источники

EPSS

Процентиль: 36%
0.00149
Низкий

4.4 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-4190

redhat
почти 17 лет назад

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.

nvd логотип

CVE-2008-4190

nvd
больше 16 лет назад

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.

debian логотип

CVE-2008-4190

debian
больше 16 лет назад

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x thro ...

github логотип

GHSA-pqmw-hq69-w92w

github
около 3 лет назад

The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream version, this tool has been disabled.

fstec логотип

BDU:2015-09357

fstec
больше 16 лет назад

Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 36%
0.00149
Низкий

4.4 Medium

CVSS2