CVE-2008-5188

{"id": "CVE-2008-5188", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-11-21T02:30:00.563", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git%3Ba=commit%3Bh=06de99afd53f03fe07eda0ad9d61ac6d5d4d9f53", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/49334", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/50353", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/50354", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/50355", "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2009-1307.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/32382", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/36552", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2008/10/23/3", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2008/10/29/4", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2008/10/29/7", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46073", "source": "cve@mitre.org"}, {"url": "https://launchpad.net/bugs/287908", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9607", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process."}, {"lang": "es", "value": "Las secuencias de comando (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, y (3) ecryptfs-setup-pam-wrapped.sh en ecryptfs-utils v45 hasta la v61 en eCryptfs las lineas de comando y las contrase\u00f1as estan en texto en claro, que permite a usuarios locales conseguir informaci\u00f3n sensible mediante el listado de procesos."}], "lastModified": "2023-11-07T02:03:03.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A4E82E6-AF24-4B7F-A6DD-EBCD181CAB54"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97C0970B-D35A-4D8B-B23D-8174451FF532"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CE63E38-3A4F-457C-9F15-66CFC421268B"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A290B1C-54BF-456B-8D53-D2D33AE15E93"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6844D7B-734C-461A-9F5D-6C246F2DC7C6"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EFE185F-8579-4216-B611-299B7CD9F3F3"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13BEDA62-A7CA-409C-B4D0-84945A3E46ED"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BDCD33C-7EA6-4922-914D-43472CC23F1E"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F20CFF16-B815-4F76-A099-B805AC1D2776"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B369A92-201D-4F84-9A5C-27853EF8286B"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4446FE35-FA53-4DC6-86FF-746E1D890340"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94190953-E2B5-473B-B3C6-39BBD4C3783E"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE9A6D32-8A3D-4A25-BF1E-2ED812539F00"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:59:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB9630D3-DE46-4C60-A9B0-57B8B9B3C857"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFE4E253-4CE1-4122-8FFA-974A466D309B"}, {"criteria": "cpe:2.3:a:ecryptfs:ecryptfs_utils:61:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74A6D874-CFFC-49C8-8BB0-DC5DA52E5A16"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}