CVE-2008-3895 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	2.1 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 19%

Affected Products (NVD)

Vendor	Product	Version
lilo	lilo	𝑥 ≤ 22.6.1
lilo	lilo	21.4.2
lilo	lilo	21.4.3
lilo	lilo	21.4.4
lilo	lilo	21.5
lilo	lilo	21.5.1
lilo	lilo	21.6
lilo	lilo	21.6.1
lilo	lilo	21.7
lilo	lilo	21.7.1
lilo	lilo	21.7.2
lilo	lilo	21.7.3
lilo	lilo	21.7.4
lilo	lilo	21.7.5
lilo	lilo	22.0
lilo	lilo	22.0.1
lilo	lilo	22.0.2
lilo	lilo	22.1
lilo	lilo	22.2
lilo	lilo	22.3
lilo	lilo	22.3.1
lilo	lilo	22.3.2
lilo	lilo	22.3.3
lilo	lilo	22.3.4
lilo	lilo	22.4
lilo	lilo	22.4.1
lilo	lilo	22.5
lilo	lilo	22.5.1
lilo	lilo	22.5.2
lilo	lilo	22.5.3
lilo	lilo	22.5.3.1
lilo	lilo	22.5.4
lilo	lilo	22.5.5
lilo	lilo	22.5.6
lilo	lilo	22.5.7
lilo	lilo	22.5.7.2
lilo	lilo	22.5.8
lilo	lilo	22.5.9
lilo	lilo	22.6

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

lilo

dapper	ignored
feisty	ignored
gutsy	ignored
hardy	ignored
intrepid	ignored
jaunty	ignored
karmic	ignored

Known Exploits!

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://securityreason.com/securityalert/4211

http://www.ivizsecurity.com/preboot-patch.html

http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf

http://www.securityfocus.com/archive/1/495801/100/0/threaded

http://securityreason.com/securityalert/4211

http://www.ivizsecurity.com/preboot-patch.html

http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf

http://www.securityfocus.com/archive/1/495801/100/0/threaded