← volver
CVE-2008-2517

CVE-2008-2517

EPSS 0.3%
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=loghttp://secunia.com/advisories/30394https://exchange.xforce.ibmcloud.com/vulnerabilities/42621http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804http://www.securityfocus.com/bid/29364http://www.vupen.com/english/advisories/2008/1659/references