CVE-2008-3277
Last modified
CVE-2008-3277 is a vulnerability of currently unknown severity. Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.. EPSS estimates a 0.44% chance of exploitation in the next 30 days.
Description
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openfabrics | Ibutils | 1.5.7-2 |
| Openfabrics | Ibutils | 1.2-11.2 |
References
- http://rhn.redhat.com/errata/RHSA-2012-0311.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=457935Vendor Advisory
- http://rhn.redhat.com/errata/RHSA-2012-0311.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=457935Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-3277?
How severe is CVE-2008-3277?
How do I fix CVE-2008-3277?
Are you affected by CVE-2008-3277?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST