CVE Reference: CVE-2008-0003

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-0003

Description:
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/39527

VIM
  http://www.attrition.org/pipermail/vim/2008-January/001879.html

ST
  1019159

SAID
  Secunia Advisory: SA29056
  Secunia Advisory: SA28462
  Secunia Advisory: SA28338
  Secunia Advisory: SA29785
  Secunia Advisory: SA29986

REDHAT
  http://www.redhat.com/support/errata/RHSA-2008-0002.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10282

OSVDB
  40082

MLIST
  http://lists.vmware.com/pipermail/security-announce/2008/000014.html

HP
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01438409

FEDORA

CONFIRM
  http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4129

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/490917/100/0/threaded

BID
  27172
  27188


Return to the previous page.