Gentoo : Security Vulnerabilities, CVEs, Published In 2008 CVSS score >= 5

CVE-2008-4580

fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-10-15
Updated
2023-02-13

CVE-2008-4394

Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
Max CVSS
6.9
EPSS Score
0.07%
Published
2008-10-10
Updated
2017-08-08

CVE-2008-1078

expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-29
Updated
2023-02-13

CVE-2008-0386

Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
Max CVSS
6.8
EPSS Score
3.67%
Published
2008-02-04
Updated
2024-01-09
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close