Vulnerability Description
The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora 8 | Consolehelper | 1.4.4 |
| Redhat | Fedora 8 | 1.4.4 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30399Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=448557
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42867
- https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00974.html
- http://secunia.com/advisories/30399Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=448557
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42867
- https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00974.html
FAQ
What is CVE-2008-2359?
CVE-2008-2359 is a vulnerability with a CVSS score of 7.2 (HIGH). The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges an...
How severe is CVE-2008-2359?
CVE-2008-2359 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2359?
Check the references section above for vendor advisories and patch information. Affected products include: Fedora 8 Consolehelper, Redhat Fedora 8.