Vulnerability Details : CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Vulnerability category: OverflowExecute code
Products affected by CVE-2008-1628
- cpe:2.3:a:linux:audit:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-1628
1.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-1628
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.1
|
MEDIUM | AV:L/AC:M/Au:S/C:P/I:P/A:P |
2.7
|
6.4
|
NIST |
CWE ids for CVE-2008-1628
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-1628
-
Red Hat 2008-04-04This issue did not affect the audit packages as shipped with Red Hat Enterprise Linux 4. Red Hat is not treating this issue as a security vulnerability for Red Hat Enterprise Linux 5 as no application used the affected interface, and the only result is a controlled application termination as the overflow is detected by the FORTIFY_SOURCE protection mechanism. We plan to address this as non-security bug fix in updated audit packages for Red Hat Enterprise Linux 5.2. For further details, please see: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1628
References for CVE-2008-1628
-
http://people.redhat.com/sgrubb/audit/ChangeLog
-
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html
[security-announce] SUSE Security Summary Report SUSE-SR:2008:010 - openSUSE Security Announce - openSUSE Mailing Lists
-
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00200.html
[SECURITY] Fedora 8 Update: audit-1.6.8-4.fc8
-
http://www.securityfocus.com/bid/28524
-
https://www.redhat.com/archives/linux-audit/2008-March/msg00138.html
audit 1.7 released
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41576
Linux Audit audit_log_user_command() buffer overflow CVE-2008-1628 Vulnerability Report
-
http://security.gentoo.org/glsa/glsa-200807-14.xml
Linux Audit: Buffer overflow (GLSA 200807-14) — Gentoo security
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:083
Mandriva
-
http://www.vupen.com/english/advisories/2008/1052/references
Site en construction
-
http://www.securitytracker.com/id?1019824
Access Denied
Jump to