4.6

CVE-2008-1215

Exploit
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreebsdFreebsd Version6.3
FreebsdFreebsd Version7.0
OpenbsdOpenbsd Version4.1
OpenbsdOpenbsd Version4.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.79% 0.514
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29234
Vendor Advisory
http://secunia.com/advisories/29238
Vendor Advisory
http://secunia.com/advisories/29240
Vendor Advisory
http://www.openbsd.org/errata41.html#014_ppp
http://www.openbsd.org/errata42.html#009_ppp
http://www.securityfocus.com/archive/82/488980/30/0/threaded
Exploit
http://www.securityfocus.com/archive/82/489031/30/0/threaded
Exploit
http://www.securityfocus.com/bid/28090
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/41034