fkie_cve-2008-3896
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2025-04-09 00:30
Severity ?
Summary
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
References
cve@mitre.orghttp://securityreason.com/securityalert/4204
cve@mitre.orghttp://securityreason.com/securityalert/4206
cve@mitre.orghttp://www.ivizsecurity.com/preboot-patch.html
cve@mitre.orghttp://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
cve@mitre.orghttp://www.securityfocus.com/archive/1/495726/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4204
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4206
af854a3a-2127-422b-91ae-364da2661108http://www.ivizsecurity.com/preboot-patch.html
af854a3a-2127-422b-91ae-364da2661108http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495726/100/0/threaded
Impacted products
Vendor Product Version
gnu grub_legacy *
gnu grub_legacy 0.92
gnu grub_legacy 0.93
gnu grub_legacy 0.94
gnu grub_legacy 0.94-i386-pc
gnu grub_legacy 0.95
gnu grub_legacy 0.95-i386-pc
gnu grub_legacy 0.96
gnu grub_legacy 0.96-i386-pc
gnu grub_legacy 0.97-i386-pc


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BE8B287-6A40-4CEC-B5DC-F5CBEC511CD8",
              "versionEndIncluding": "0.97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "58DBE7A3-6BAC-4181-9698-3D43CC254BDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3785960-09FB-429F-A3A3-66E19EC08041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "578DCB63-0436-465B-9A55-0C54D3B754D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.94-i386-pc:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A5290A-059D-4D35-A29D-BDFA810B82AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5923117-1A5E-4847-99A2-9291F21090CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.95-i386-pc:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B8B080-6E14-4DC4-A67D-96717EE24E02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "B871F2D3-3AFD-4FBF-99BF-6ED834E759B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.96-i386-pc:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A2D8B3C-3377-4C55-BD1C-90847074DD85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:grub_legacy:0.97-i386-pc:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA7F849-F3E1-4779-A687-CFBAD5ABFF24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer."
    },
    {
      "lang": "es",
      "value": "Grub Legacy 0.97 y versiones anteriores almacena contrase\u00f1as de autenticaci\u00f3n de pre-arranque en el b\u00fafer BIOS Keyboard y no limpia este b\u00fafer antes y despu\u00e9s del uso, lo cual permite a usuarios locales obtener informaci\u00f3n sensible leyendo las localizaciones de memoria f\u00edsica asociadas con este b\u00fafer."
    }
  ],
  "id": "CVE-2008-3896",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-03T14:12:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4204"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4206"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ivizsecurity.com/preboot-patch.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495726/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ivizsecurity.com/preboot-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495726/100/0/threaded"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat does not consider this to be a security issue.  Since these operations can only be executed by root, no trust boundary is crossed as a result of this behaviour.",
      "lastModified": "2009-01-29T01:54:44.843",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.