6
CVE-2008-4313
- EPSS 1.41%
- Veröffentlicht 27.11.2008 00:30:00
- Zuletzt bearbeitet 16.06.2026 22:57:34
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version5.0 Editionserver
Redhat ≫ Enterprise Linux Desktop Version5.0 Editionclient
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.41% | 0.692 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
http://osvdb.org/50277
http://secunia.com/advisories/32862
http://www.redhat.com/support/errata/RHSA-2008-1001.html
http://www.securityfocus.com/bid/32460
http://www.securitytracker.com/id?1021283
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.0-7.fc9
https://admin.fedoraproject.org/updates/tog-pegasus-2.7.1-3.fc10
https://bugzilla.redhat.com/show_bug.cgi?id=459217
https://exchange.xforce.ibmcloud.com/vulnerabilities/46829
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9556