CVE-2008-1056

Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh.  NOTE: the product is often installed in environments with trust relationships that facilitate subsequent remote compromises.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
symarkpowerbroker
2.8
symarkpowerbroker
3.0
symarkpowerbroker
3.2
symarkpowerbroker
3.5
symarkpowerbroker
4.0
symarkpowerbroker
5.0
symarkpowerbroker
5.01
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29111
http://www.mnin.org/advisories/2008_symarkpb.pdf
http://www.securityfocus.com/bid/28015
http://www.symark.com/support/PBFeb2008Announcement.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/40872
http://secunia.com/advisories/29111
http://www.mnin.org/advisories/2008_symarkpb.pdf
http://www.securityfocus.com/bid/28015
http://www.symark.com/support/PBFeb2008Announcement.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/40872