Vulnerability Name:

CVE-2008-0008 (CCN-39992)

Assigned:2007-12-03
Published:2008-01-24
Updated:2017-07-29
Summary:The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
4.4 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Privileges
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=207214

Source: MITRE
Type: CNA
CVE-2008-0008

Source: CONFIRM
Type: Exploit
http://pulseaudio.org/changeset/2100

Source: SECUNIA
Type: Vendor Advisory
28608

Source: SECUNIA
Type: Vendor Advisory
28623

Source: SECUNIA
Type: Vendor Advisory
28738

Source: SECUNIA
Type: Vendor Advisory
28952

Source: GENTOO
Type: UNKNOWN
GLSA-200802-07

Source: DEBIAN
Type: UNKNOWN
DSA-1476

Source: DEBIAN
Type: DSA-1476
pulseaudio -- programming error

Source: CCN
Type: GLSA-200802-07
Pulseaudio: Privilege escalation

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:027

Source: CCN
Type: OSVDB ID: 42842
PulseAudio pa_drop_root Function Local Privilege Escalation

Source: CCN
Type: PulseAudio Web site
PulseAudio - Trac

Source: BID
Type: UNKNOWN
27449

Source: CCN
Type: BID-27449
PulseAudio Local Privilege Escalation Vulnerability

Source: CCN
Type: USN-573-1
PulseAudio vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-573-1

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0283

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=347822

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=425481

Source: XF
Type: UNKNOWN
pulseaudio-padroproot-privilege-escalation(39992)

Source: MLIST
Type: UNKNOWN
[pulseaudio-discuss] 20080124 [ANNOUNCE] PulseAudio 0.9.9

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0963

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0994

Vulnerable Configuration:Configuration 1:
  • cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:fedora:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:fedora:8:*:*:*:*:*:*:*
  • AND
  • cpe:/a:pulseaudio:pulseaudio:0.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:pulseaudio:pulseaudio:0.9.8:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20080008 | V | CVE-2008-0008 | 2022-06-30
    oval:org.opensuse.security:def:42374 | P | Security update for libslirp (Important) | 2022-04-29
    oval:org.opensuse.security:def:42169 | P | Security update for yaml-cpp (Moderate) | 2022-04-01
    oval:org.opensuse.security:def:112787 | P | libpulse-devel-15.0-3.1 on GA media (Moderate) | 2022-01-17
    oval:org.opensuse.security:def:31376 | P | Security update for apache2 (Important) | 2022-01-12
    oval:org.opensuse.security:def:32288 | P | Security update for libsndfile (Important) | 2022-01-05
    oval:org.opensuse.security:def:26187 | P | Security update for libvpx (Moderate) | 2021-12-23
    oval:org.opensuse.security:def:106258 | P | Security update for python-Pygments (Important) | 2021-12-01
    oval:org.opensuse.security:def:31315 | P | Security update for clamav (Moderate) | 2021-12-01
    oval:org.opensuse.security:def:32210 | P | Security update for opensc (Important) | 2021-10-29
    oval:org.opensuse.security:def:26147 | P | Security update for MozillaFirefox (Important) | 2021-10-15
    oval:org.opensuse.security:def:31690 | P | Security update for webkit2gtk3 (Important) | 2021-10-06
    oval:org.opensuse.security:def:32188 | P | Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important) | 2021-09-23
    oval:org.opensuse.security:def:31683 | P | Security update for ghostscript (Critical) | 2021-09-21
    oval:org.opensuse.security:def:31679 | P | Security update for xen (Important) | 2021-09-06
    oval:org.opensuse.security:def:31678 | P | Security update for file (Important) | 2021-09-02
    oval:org.opensuse.security:def:31676 | P | Security update for openexr (Important) | 2021-09-02
    oval:org.opensuse.security:def:26103 | P | Security update for the Linux Kernel (Important) | 2021-08-10
    oval:org.opensuse.security:def:26102 | P | Security update for php72 (Important) | 2021-08-06
    oval:org.opensuse.security:def:31241 | P | Security update for libsndfile (Critical) | 2021-08-05
    oval:org.opensuse.security:def:26094 | P | Security update for curl (Moderate) | 2021-07-23
    oval:org.opensuse.security:def:31229 | P | Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important) | 2021-07-21
    oval:org.opensuse.security:def:32149 | P | Security update for linuxptp (Important) | 2021-07-21
    oval:org.opensuse.security:def:31230 | P | Security update for linuxptp (Important) | 2021-07-21
    oval:org.opensuse.security:def:26088 | P | Security update for the Linux Kernel (Important) | 2021-07-14
    oval:org.opensuse.security:def:32132 | P | Security update for libnettle (Important) | 2021-06-23
    oval:org.opensuse.security:def:36212 | P | libpulse-browse0-0.9.23-0.17.1 on GA media (Moderate) | 2021-06-08
    oval:org.opensuse.security:def:36477 | P | libpulse-devel-0.9.23-0.17.1 on GA media (Moderate) | 2021-06-08
    oval:org.opensuse.security:def:42619 | P | libpulse-browse0-0.9.23-0.17.1 on GA media (Moderate) | 2021-06-08
    oval:org.opensuse.security:def:32100 | P | Security update for dhcp (Important) | 2021-06-01
    oval:org.opensuse.security:def:32931 | P | Security update for djvulibre (Important) | 2021-05-31
    oval:org.opensuse.security:def:26046 | P | Security update for libxml2 (Moderate) | 2021-05-05
    oval:org.opensuse.security:def:26044 | P | Security update for avahi (Moderate) | 2021-05-04
    oval:org.opensuse.security:def:26038 | P | Security update for curl (Moderate) | 2021-04-28
    oval:org.opensuse.security:def:31152 | P | Security update for qemu (Important) | 2021-04-16
    oval:org.opensuse.security:def:26027 | P | Security update for glibc (Important) | 2021-04-13
    oval:org.opensuse.security:def:26026 | P | Security update for cifs-utils (Moderate) | 2021-04-13
    oval:org.opensuse.security:def:32892 | P | Security update for fwupdate (Important) | 2021-04-08
    oval:org.opensuse.security:def:26196 | P | Security update for ImageMagick (Moderate) | 2021-02-19
    oval:org.opensuse.security:def:31732 | P | Security update for krb5-appl (Important) | 2021-02-19
    oval:org.opensuse.security:def:32254 | P | Security update for openvswitch (Important) | 2021-02-12
    oval:org.opensuse.security:def:31284 | P | Security update for python3 (Important) | 2021-02-08
    oval:org.opensuse.security:def:26030 | P | Security update for php72 (Moderate) | 2021-01-14
    oval:org.opensuse.security:def:31744 | P | Security update for MozillaFirefox (Important) | 2021-01-12
    oval:org.opensuse.security:def:31652 | P | Security update for openssh (Moderate) | 2021-01-05
    oval:org.opensuse.security:def:32005 | P | Security update for xen (Important) | 2020-12-07
    oval:org.opensuse.security:def:35598 | P | libpulse-browse0-0.9.21-1.5.26 on GA media (Moderate) | 2020-12-03
    oval:org.opensuse.security:def:35762 | P | libpulse-browse0-0.9.23-0.7.128 on GA media (Moderate) | 2020-12-03
    oval:org.opensuse.security:def:42005 | P | libpulse-browse0-0.9.21-1.5.26 on GA media (Moderate) | 2020-12-03
    oval:org.opensuse.security:def:35967 | P | libpulse-browse0-0.9.23-0.7.128 on GA media (Moderate) | 2020-12-03
    oval:org.opensuse.security:def:31435 | P | Security update for php53 (Important) | 2020-12-01
    oval:org.opensuse.security:def:25779 | P | Security update for the SUSE Linux Enterprise 12 kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:31842 | P | Security update for bzip2 (Important) | 2020-12-01
    oval:org.opensuse.security:def:25150 | P | Security update for ovmf (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27210 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25517 | P | Security update for qemu (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31520 | P | Security update for rpcbind (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25867 | P | Security update for flash-player (Critical) | 2020-12-01
    oval:org.opensuse.security:def:32524 | P | gpg2 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25225 | P | Security update for systemd (Important) | 2020-12-01
    oval:org.opensuse.security:def:31433 | P | Security update for php53 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25529 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:26656 | P | zoo on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25925 | P | Security update for pcre (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25434 | P | Security update for dovecot22 (Important) | 2020-12-01
    oval:org.opensuse.security:def:31839 | P | Security update for bind (Important) | 2020-12-01
    oval:org.opensuse.security:def:26249 | P | Security update for libtomcrypt (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25721 | P | Security update for MozillaFirefox (Important) | 2020-12-01
    oval:org.opensuse.security:def:26744 | P | libexif on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26598 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25575 | P | Security update for libX11 (Important) | 2020-12-01
    oval:org.opensuse.security:def:31944 | P | Security update for gnutls (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26931 | P | krb5 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25859 | P | Security update for flash-player (Important) | 2020-12-01
    oval:org.opensuse.security:def:32344 | P | Security update for spice (Important) | 2020-12-01
    oval:org.opensuse.security:def:26802 | P | pcsc-lite on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26311 | P | Security update for openstack-nova and openstack-neutron (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25942 | P | Security update for gstreamer-0_10-plugins-bad (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25313 | P | Security update for perl-DBI (Important) | 2020-12-01
    oval:org.opensuse.security:def:31447 | P | Security update for postgresql94 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26338 | P | Security update for Chromium (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32432 | P | Security update for xen (Important) | 2020-12-01
    oval:org.opensuse.security:def:27475 | P | libpulse-devel on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25761 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:31764 | P | Security update for MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss (Important) | 2020-12-01
    oval:org.opensuse.security:def:26452 | P | Security update for phpMyAdmin (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:32687 | P | kbd on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25388 | P | Security update for libsolv (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31596 | P | Security update for tiff (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26440 | P | Security update for chromium (Important) | 2020-12-01
    oval:org.opensuse.security:def:32498 | P | cups on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25773 | P | Security update for flash-player (Important) | 2020-12-01
    oval:org.opensuse.security:def:31988 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
    oval:org.opensuse.security:def:31067 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:25597 | P | Security update for squid (Critical) | 2020-12-01
    oval:org.opensuse.security:def:32044 | P | Security update for krb5 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26493 | P | Security update for phpMyAdmin (Important) | 2020-12-01
    oval:org.opensuse.security:def:33175 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31434 | P | Security update for php53 (Important) | 2020-12-01
    oval:org.opensuse.security:def:25965 | P | Security update for xorg-x11-server (Important) | 2020-12-01
    oval:org.opensuse.security:def:25726 | P | Security update for python36 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31820 | P | Security update for augeas (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26761 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25149 | P | Security update for openssl-1_1 (Important) | 2020-12-01
    oval:org.opensuse.security:def:25738 | P | Security update for libxslt (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27175 | P | libarchive2 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31446 | P | Security update for popt | 2020-12-01
    oval:org.opensuse.security:def:25828 | P | Security update for mariadb (Important) | 2020-12-01
    oval:org.opensuse.security:def:31886 | P | Security update for ed (Low) | 2020-12-01
    oval:org.opensuse.security:def:25161 | P | Security update for openldap2 (Important) | 2020-12-01
    oval:org.opensuse.security:def:25518 | P | Security update for samba (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26603 | P | libsnmp15-32bit on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25881 | P | Security update for flash-player (Important) | 2020-12-01
    oval:org.opensuse.security:def:32563 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25353 | P | Security update for libzypp (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26235 | P | Security update for ImageMagick (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25593 | P | Security update for openvpn (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31801 | P | security update for xen (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26705 | P | gd on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26563 | P | gvim on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25491 | P | Security update for squid (Important) | 2020-12-01
    oval:org.opensuse.security:def:31895 | P | Security update for MozillaFirefox, mozilla-nspr (Important) | 2020-12-01
    oval:org.opensuse.security:def:26293 | P | Security update for raptor (Important) | 2020-12-01
    oval:org.opensuse.security:def:25802 | P | Recommended update for LibreOffice (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26758 | P | libopenssl0_9_8 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26230 | P | Security update for libreoffice (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25889 | P | Security update for mariadb (Important) | 2020-12-01
    oval:org.opensuse.security:def:31983 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
    oval:org.opensuse.security:def:26966 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25312 | P | Security update for libsolv (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25943 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:32393 | P | Security update for tomcat6 (Important) | 2020-12-01
    oval:org.opensuse.security:def:27440 | P | libdhcp6client-1_0-2 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26368 | P | Security update for irssi (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25991 | P | Security update for ImageMagick (Important) | 2020-12-01
    oval:org.opensuse.security:def:32049 | P | Security update for kvm (Important) | 2020-12-01
    oval:org.opensuse.security:def:25324 | P | Security update for bcm43xx-firmware (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31539 | P | Security update for samba (Important) | 2020-12-01
    oval:org.opensuse.security:def:26391 | P | Security update for MozillaThunderbird (Important) | 2020-12-01
    oval:org.opensuse.security:def:32454 | P | Security update for xorg-x11-libICE (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25762 | P | Security update for Xerces-C (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31896 | P | Security update for MozillaFirefox (Important) | 2020-12-01
    oval:org.opensuse.security:def:32726 | P | libpulse-browse0 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31066 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:25516 | P | Security update for file-roller (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31888 | P | Security update for evince (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26479 | P | Security update for chromium (Important) | 2020-12-01
    oval:org.opensuse.security:def:33136 | P | libQtWebKit4-32bit on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25837 | P | Security update for ImageMagick (Important) | 2020-12-01
    oval:org.opensuse.security:def:32045 | P | Security update for krb5 (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31781 | P | Security update for MozillaFirefox (Important) | 2020-12-01
    oval:org.opensuse.security:def:26726 | P | kdelibs4 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:31078 | P | Security update for the Linux Kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:25654 | P | Security update for samba (Important) | 2020-12-01
    oval:org.opensuse.security:def:26537 | P | dhcp on GA media (Moderate) | 2020-12-01
    oval:org.mitre.oval:def:17781 | P | USN-573-1 -- pulseaudio vulnerability | 2014-06-30
    oval:org.mitre.oval:def:8015 | P | DSA-1476 pulseaudio -- programming error | 2014-06-23
    oval:org.mitre.oval:def:20369 | P | DSA-1476-1 pulseaudio - programming error | 2014-06-23
    oval:org.debian:def:1476 | V | programming error | 2008-01-27
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.0
    redhat fedora 7
    redhat fedora 8
    pulseaudio pulseaudio 0.9.6
    pulseaudio pulseaudio 0.9.8