CVE-2008-4832
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4832
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under (1) /var/lock or (2) /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require an unusual scenario in which rc.sysinit is executed other than at boot time.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
RPath Linux initscripts 'rc.sysinit' 任意文件删除漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
rPath上的initscripts 中的rc.sysinit允许本地用户借助一个对(1)/var/lock或(2)/var/run下的一个目录的symlink攻击,来删除任意文件。注意:此漏洞之所以存在是因为对CVE-2008-3524中的竞争条件的不正确修复。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4832
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4832
请登录查看更多情报信息。
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0318x_refsource_CONFIRM
- https://issues.rpath.com/browse/RPL-2857x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2008-4832
Same Patch Batch · n/a · 2008-11-17 · 30 CVEs total
| CVE-2008-5108 | Adobe AIR 未明代码注入漏洞 | |
| CVE-2008-5107 | Citrix Presentation Server和Desktop Server MSI日志文件信息泄露漏洞 | |
| CVE-2008-5106 | Sami FTP Server 'SamyFtp.binlog'远程拒绝服务漏洞 | |
| CVE-2008-5105 | Sami FTP Server 多个远程拒绝服务漏洞 | |
| CVE-2008-5104 | Ubuntu vm-builder 默认的密码本地安全绕过漏洞 | |
| CVE-2008-5103 | Ubuntu vm-builder 启动帐户配置本地安全绕过漏洞 | |
| CVE-2008-5102 | Zope PythonScript 'PythonScriptss'拒绝服务漏洞 | |
| CVE-2008-5101 | OptiPNG BMP阅读器畸形头的图形文件缓冲区溢出漏洞 | |
| CVE-2008-5100 | Microsoft .NET Framework strong name(SN)implementation 加密问题漏洞 | |
| CVE-2008-5099 | Sun Logical Domain Manager 'OpenBoot PROM' 本地安全绕过漏洞 | |
| CVE-2008-5098 | Sun Java System Messaging Server 跨站脚本攻击漏洞 | |
| CVE-2008-4216 | Apple Safari WebKit插件接口安全信息泄露漏洞 | |
| CVE-2008-3644 | Apple Safari 页面缓存用户信息泄露漏洞 | |
| CVE-2008-3623 | Apple Safari安全漏洞 | |
| CVE-2008-5110 | Balabit syslog-ng 权限许可和访问控制问题漏洞 | |
| CVE-2006-5268 | Trend Micro ServerProtect RPC接口非授权访问漏洞 | |
| CVE-2008-4824 | Adobe Flash Player 输入确认错误安全漏洞 | |
| CVE-2008-5113 | wordpress REQUEST全局数组跨站请求伪造漏洞 | |
| CVE-2008-5112 | Microsoft活动目录LDAP服务器用户名枚举漏洞 | |
| CVE-2008-5111 | Sun Solaris '3SOCKET' 本地拒绝服务漏洞 |
Showing top 20 of 30 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2008-4832
No comments yet