Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/02/2008 Updated: 08/08/2017

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

VMScore: 392

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.0

The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges (CVE-2008-0010, CVE-2008-0600) In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources ...

CWE-59 http://www.debian.org/security/2008/dsa-1494 http://www.securityfocus.com/bid/27704 http://secunia.com/advisories/28875 http://www.securityfocus.com/bid/27798 https://exchange.xforce.ibmcloud.com/vulnerabilities/40486 https://nvd.nist.gov https://www.debian.org/security/./dsa-1494

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0163

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect