nvd-json-data-feeds/CVE-2008/CVE-2008-32xx/CVE-2008-3229.json

{
  "id": "CVE-2008-3229",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2008-07-18T16:41:00.000",
  "lastModified": "2017-08-08T01:31:41.730",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado pila en versiones de op anteriores a changeset 563, cuando el soporte de xauth est\u00e1 activado, permite a usuarios locales obtener privilegios a trav\u00e9s de una variable de entorno XAUTHORITY excesivamente larga."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E5B09D3-5848-4269-9574-36521E0667C1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67E7264-E8F3-4A3A-B476-1C090A01FC50"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C91F4524-646F-47B8-89E7-A1EF9E76477A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA77274-997F-4481-A184-2F3D0CA572F2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B4C85D-145F-495C-8FE9-A0084ACA055E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "3790E8DA-C515-48D8-8699-DBB68B9F1ED5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "8391B195-120D-4B96-88F3-4D39FE3DBF37"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DB76FB7-3B2A-4558-9E04-99F38E8479B1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "84391240-3FC8-4032-9933-462F70B14FE4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADD576DE-3A3A-437F-BA7A-2B97CBEF509E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "B27F4F4A-9AF6-4899-A7D9-29588AB78BFC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CFF163E-A8FD-4EF9-B214-91C96175D8E0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD313A7C-07D0-4AEC-AF2D-1DA499C98348"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "0660F09A-BB50-461F-8B94-15A95D14C5DC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:swapoff:op:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "422E4D96-78E5-4605-B99F-38825BCDB619"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://swapoff.org/changeset/563",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2008/07/12/4",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/30226",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43836",
      "source": "cve@mitre.org"
    }
  ]
}