CVE-2008-2378

Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
hfhf
0.7.3
hfhf
0.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
hf
jaunty
dne
intrepid
Fixed 0.8-8ubuntu0.1
released
hardy
Fixed 0.8-5ubuntu0.1
released
gutsy
Fixed
released
dapper
Fixed 0.7.3-2ubuntu0.1
released
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182
http://osvdb.org/50231
http://secunia.com/advisories/32831
http://secunia.com/advisories/32855
http://www.debian.org/security/2008/dsa-1668
http://www.securityfocus.com/bid/32421
https://exchange.xforce.ibmcloud.com/vulnerabilities/46806
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504182
http://osvdb.org/50231
http://secunia.com/advisories/32831
http://secunia.com/advisories/32855
http://www.debian.org/security/2008/dsa-1668
http://www.securityfocus.com/bid/32421
https://exchange.xforce.ibmcloud.com/vulnerabilities/46806