5
CVE-2008-3168
- EPSS 1.04%
- Veröffentlicht 14.07.2008 23:41:00
- Zuletzt bearbeitet 16.06.2026 22:55:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Empire Server ≫ Empire Server Version <= 4.3.11
Empire Server ≫ Empire Server Version4.2.10
Empire Server ≫ Empire Server Version4.2.11
Empire Server ≫ Empire Server Version4.2.12
Empire Server ≫ Empire Server Version4.2.13
Empire Server ≫ Empire Server Version4.2.14
Empire Server ≫ Empire Server Version4.2.15
Empire Server ≫ Empire Server Version4.2.16
Empire Server ≫ Empire Server Version4.2.17
Empire Server ≫ Empire Server Version4.2.18
Empire Server ≫ Empire Server Version4.2.19
Empire Server ≫ Empire Server Version4.2.20
Empire Server ≫ Empire Server Version4.2.21
Empire Server ≫ Empire Server Version4.2.22
Empire Server ≫ Empire Server Version4.2.23
Empire Server ≫ Empire Server Version4.3.0
Empire Server ≫ Empire Server Version4.3.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.04% | 0.596 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://freshmeat.net/projects/empserver/?branch_id=22267&release_id=280745
http://sourceforge.net/project/shownotes.php?group_id=24031&release_id=600111
http://www.securityfocus.com/bid/30152
https://exchange.xforce.ibmcloud.com/vulnerabilities/43653