Lucene search
UbuntuUSN-573-1HistoryJan 31, 2008 - 12:00 a.m.
PulseAudio vulnerability
2008-01-3100:00:00
ubuntu.com
33
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
10.1%
Releases
- Ubuntu 7.10
- Ubuntu 7.04
Packages
- pulseaudio -
Details
It was discovered that PulseAudio did not properly drop privileges
when running as a daemon. Local users may be able to exploit this
and gain privileges. The default Ubuntu configuration is not
affected.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.10 | noarch | pulseaudio | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libpulse-browse0 | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libpulse-dev | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libpulse-mainloop-glib0 | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libpulse0 | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | pulseaudio-esound-compat | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | pulseaudio-module-gconf | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | pulseaudio-module-hal | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | pulseaudio-module-lirc | < 0.9.6-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | pulseaudio-module-x11 | < 0.9.6-1ubuntu2.1 | UNKNOWN |
References
Related
openvas
openvas
Gentoo Security Advisory GLSA 200802-07 (pulseaudio)
2008-09-24 00:00:00
Fedora Update for pulseaudio FEDORA-2008-0963
2009-02-17 00:00:00
Mandriva Update for pulseaudio MDVSA-2008:027 (pulseaudio)
2009-04-09 00:00:00
debiancve
debiancve
CVE-2008-0008
2008-01-29 00:00:00
nessus
nessus
Fedora 8 : pulseaudio-0.9.8-5.fc8 (2008-0963)
2008-01-27 00:00:00
Fedora 7 : pulseaudio-0.9.6-2.fc7.1 (2008-0994)
2008-01-27 00:00:00
Debian DSA-1476-1 : pulseaudio - programming error
2008-01-29 00:00:00
cvelist
cvelist
CVE-2008-0008
2008-01-28 23:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: pulseaudio-0.9.6-2.fc7.1
2008-01-24 22:02:07
[SECURITY] Fedora 8 Update: pulseaudio-0.9.8-5.fc8
2008-01-24 21:59:33
prion
prion
Privilege escalation
2008-01-29 00:00:00
securityvulns
securityvulns
pulseuadio privilege escalation
2008-01-27 00:00:00
nvd
nvd
CVE-2008-0008
2008-01-29 00:00:00
cve
cve
CVE-2008-0008
2008-01-29 00:00:00
osv
osv
libpulse-devel-15.0-3.1 on GA media
2024-06-15 00:00:00
ubuntucve
ubuntucve
CVE-2008-0008
2008-01-29 00:00:00
gentoo
gentoo
Pulseaudio: Privilege escalation
2008-02-13 00:00:00
debian
debian
[SECURITY] [DSA 1476-1] New pulseaudio packages fix privilege escalation
2008-01-27 18:16:38
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
10.1%
Related for USN-573-1