Vulnerability Details CVE-2008-3234
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 83.7%
CVSS Severity
CVSS v2 Score 6.5
References
Products affected by CVE-2008-3234
-
cpe:2.3:a:openbsd:openssh:4.0
-
cpe:2.3:o:debian:debian_linux:-
-
cpe:2.3:o:debian:debian_linux:0.9.1
-
cpe:2.3:o:debian:debian_linux:0.9.2
-
cpe:2.3:o:debian:debian_linux:0.9.3
-
cpe:2.3:o:debian:debian_linux:0.9.4
-
cpe:2.3:o:debian:debian_linux:0.93
-
cpe:2.3:o:debian:debian_linux:1.1
-
cpe:2.3:o:debian:debian_linux:1.2
-
cpe:2.3:o:debian:debian_linux:1.3
-
cpe:2.3:o:debian:debian_linux:1.3.1
-
cpe:2.3:o:debian:debian_linux:10
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:11.0
-
cpe:2.3:o:debian:debian_linux:12.0
-
cpe:2.3:o:debian:debian_linux:13.0
-
cpe:2.3:o:debian:debian_linux:2.0
-
cpe:2.3:o:debian:debian_linux:2.0.34
-
cpe:2.3:o:debian:debian_linux:2.0.5
-
cpe:2.3:o:debian:debian_linux:2.1
-
cpe:2.3:o:debian:debian_linux:2.1.8.8.p3-1.1
-
cpe:2.3:o:debian:debian_linux:2.2
-
cpe:2.3:o:debian:debian_linux:2.3
-
cpe:2.3:o:debian:debian_linux:2.5.2-1
-
cpe:2.3:o:debian:debian_linux:2.5.3-16
-
cpe:2.3:o:debian:debian_linux:2.5.3-3
-
cpe:2.3:o:debian:debian_linux:3.0
-
cpe:2.3:o:debian:debian_linux:3.0.18
-
cpe:2.3:o:debian:debian_linux:3.0.23
-
cpe:2.3:o:debian:debian_linux:3.1
-
cpe:2.3:o:debian:debian_linux:3.2.4
-
cpe:2.3:o:debian:debian_linux:4.0
-
cpe:2.3:o:debian:debian_linux:5.0
-
cpe:2.3:o:debian:debian_linux:5.0.9
-
cpe:2.3:o:debian:debian_linux:6.0
-
cpe:2.3:o:debian:debian_linux:6.0.14
-
cpe:2.3:o:debian:debian_linux:6.2
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:7.1
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:debian:debian_linux:9.2