[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-1056

Date: (C)2008-02-28   (M)2017-08-08
 
CVSS Score: 6.9Access Vector: LOCAL
Exploitability Subscore: 3.4Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh. NOTE: the product is often installed in environments with trust relationships that facilitate subsequent remote compromises.

Reference:
BID-28015
SECUNIA-29111
http://www.mnin.org/advisories/2008_symarkpb.pdf
http://www.symark.com/support/PBFeb2008Announcement.html
powerbroker-argv-bo(40872)

CWE    1
CWE-119

© 2013 SecPod Technologies