CVE-2008-3895 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.1 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 20%

Vendor	Product	Version
lilo	lilo	𝑥 ≤ 22.6.1
lilo	lilo	21.4.2
lilo	lilo	21.4.3
lilo	lilo	21.4.4
lilo	lilo	21.5
lilo	lilo	21.5.1
lilo	lilo	21.6
lilo	lilo	21.6.1
lilo	lilo	21.7
lilo	lilo	21.7.1
lilo	lilo	21.7.2
lilo	lilo	21.7.3
lilo	lilo	21.7.4
lilo	lilo	21.7.5
lilo	lilo	22.0
lilo	lilo	22.0.1
lilo	lilo	22.0.2
lilo	lilo	22.1
lilo	lilo	22.2
lilo	lilo	22.3
lilo	lilo	22.3.1
lilo	lilo	22.3.2
lilo	lilo	22.3.3
lilo	lilo	22.3.4
lilo	lilo	22.4
lilo	lilo	22.4.1
lilo	lilo	22.5
lilo	lilo	22.5.1
lilo	lilo	22.5.2
lilo	lilo	22.5.3
lilo	lilo	22.5.3.1
lilo	lilo	22.5.4
lilo	lilo	22.5.5
lilo	lilo	22.5.6
lilo	lilo	22.5.7
lilo	lilo	22.5.7.2
lilo	lilo	22.5.8
lilo	lilo	22.5.9
lilo	lilo	22.6

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

lilo

karmic	ignored
jaunty	ignored
intrepid	ignored
hardy	ignored
gutsy	ignored
feisty	ignored
dapper	ignored

Known Exploits!

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://securityreason.com/securityalert/4211

http://www.ivizsecurity.com/preboot-patch.html

http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf

http://www.securityfocus.com/archive/1/495801/100/0/threaded

http://securityreason.com/securityalert/4211

http://www.ivizsecurity.com/preboot-patch.html

http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf

http://www.securityfocus.com/archive/1/495801/100/0/threaded