← voltar
CVE-2008-2517

CVE-2008-2517

EPSS 0.3%
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?view=loghttp://secunia.com/advisories/30394https://exchange.xforce.ibmcloud.com/vulnerabilities/42621http://sourceforge.net/project/shownotes.php?release_id=601603&group_id=91804http://www.securityfocus.com/bid/29364http://www.vupen.com/english/advisories/2008/1659/references