Vulnerability CVE-2008-0008


Published: 2008-01-28   Modified: 2012-02-12

Description:
The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Pulseaudio -> Pulseaudio 

 References:
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html
https://bugzilla.redhat.com/show_bug.cgi?id=425481
https://bugzilla.novell.com/show_bug.cgi?id=347822
http://xforce.iss.net/xforce/xfdb/39992
http://www.vupen.com/english/advisories/2008/0283
http://www.ubuntu.com/usn/usn-573-1
http://www.securityfocus.com/bid/27449
http://www.mandriva.com/security/advisories?name=MDVSA-2008:027
http://www.debian.org/security/2008/dsa-1476
http://security.gentoo.org/glsa/glsa-200802-07.xml
http://secunia.com/advisories/28952
http://secunia.com/advisories/28738
http://secunia.com/advisories/28623
http://secunia.com/advisories/28608
http://pulseaudio.org/changeset/2100
http://bugs.gentoo.org/show_bug.cgi?id=207214

Copyright 2024, cxsecurity.com

 

Back to Top