Vulnerability Details : CVE-2008-1383
The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.
Exploit prediction scoring system (EPSS) score for CVE-2008-1383
Probability of exploitation activity in the next 30 days: 0.04%
CVSS scores for CVE-2008-1383
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2008-1383
Assigned by: [email protected] (Primary)