NVD

Id
1175  
Name
CVE-2008-1215  
Description
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-03-08  
Modified Date
2008-09-05  
Seq
2008-1215  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
7335 1175 CVE-2008-1215 [4.1] 20080307 014: SECURITY FIX: March 7, 2008  View
7336 1175 CVE-2008-1215 [4.2] 20080307 009: SECURITY FIX: March 7, 2008  View
7337 1175 CVE-2008-1215 20080229 *BSD user-ppp local root (when conditions permit)  View
7338 1175 CVE-2008-1215 20080301 Re: *BSD user-ppp local root (when conditions permit)  View
7339 1175 CVE-2008-1215 28090  View
7340 1175 CVE-2008-1215 userppp-commandexpandinterpret-bo(41034)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47508 JVNDB-2008-002818 FreeBSD の ppp におけるスタックベースのバッファオーバーフローの脆弱性 FreeBSD、OpenBSD、および NetBSD の net/userppp パッケージで配布される ppp の command.c の command_Expand_Interpret 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2008-1215 31328 CVE-2008-1215 1175 4.6 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002818.html 2008-03-08 2012-06-26 View