Vulnerability Details CVE-2008-2378
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.5%
CVSS Severity
CVSS v2 Score 7.2
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182
- http://osvdb.org/50231
- http://secunia.com/advisories/32831
- http://secunia.com/advisories/32855
- http://www.debian.org/security/2008/dsa-1668
- http://www.securityfocus.com/bid/32421
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46806
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182
- http://osvdb.org/50231
- http://secunia.com/advisories/32831
- http://secunia.com/advisories/32855
- http://www.debian.org/security/2008/dsa-1668
- http://www.securityfocus.com/bid/32421
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46806