CVE-2008-3277

Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.

Published: Apr 16, 2014
Updated: Apr 13, 2023
CVE: CVE-2008-3277
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
openfabrics / ibutils	1.5.7-2	1.5.7-2.x
openfabrics / ibutils	1.2-11.2	1.2-11.2.x

http://rhn.redhat.com/errata/RHSA-2012-0311.html
https://bugzilla.redhat.com/show_bug.cgi?id=457935

Vulnerability Database

289,697

CVE-2008-3277