mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
128 lines
3.9 KiB
JSON
128 lines
3.9 KiB
JSON
{
|
|
"id": "CVE-2008-1215",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-03-09T02:44:00.000",
|
|
"lastModified": "2017-08-08T01:29:58.120",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing \"~\" characters."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n command_Expand_Interpret de command.c en ppp (aka user-ppp), como se distribuy\u00f3 en FreeBSD 6.3 y 7.0, OpenBSD 4.1 y 4.2, y el paquete net/userppp para NetBSD, permite a usuarios locales obtener privilegios a trav\u00e9s de comandos largos que contienen los caracteres \"~\"."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 4.6
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.openbsd.org/errata41.html#014_ppp",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.openbsd.org/errata42.html#009_ppp",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/28090",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |