ID CVE-2008-3278
Summary frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:frysk:-:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:frysk:-:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:frysk:2008-08-05:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:frysk:2008-08-05:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
CVSS
Base: 4.6
Impact:
Exploitability:
CWE CWE-1188
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 07-11-2019 - 23:15
Published 07-11-2019 - 23:15
Last modified 13-11-2019 - 19:00
Back to Top