CVE-2008-3895

Published Sep 3, 2008
Last updated 6 years ago
CVSS info 2.1
Overview

Description: LILO 22.6.1 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-200
Hype score: Not currently trending
Vendor comments

Red HatRed Hat does not consider this to be a security issue. Since these operations can only be executed by root, no trust boundary is crossed as a result of this behaviour.
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lilo:lilo:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F668D7C-0032-4335-8E90-ABBE039F222B",
            "versionEndIncluding": "22.6.1"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A759B97-3614-4D91-AA5A-192B995214AD"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0DB4194-5F7D-4E67-A4B0-71EB61DE63E5"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DFC9F61-5684-403C-8A29-7C0CDFE982D2"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE80220E-C92E-4FC3-A0E3-F46253F831A4"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5498FEB-E603-40AC-8960-083F951E4DA8"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69BF8ED4-2563-4073-A1A9-3D6518A9D0DC"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C2AD4E4-5BDA-4772-91D3-706BB4188BFE"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E094610-8DB1-4153-BB60-5FA7B78810E6"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7AEEF68-3E9B-439E-9C77-EF81FE3FB369"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E2A57A9-8B7F-4F39-8457-EA6296512630"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C34DB8C-E0F4-4D41-968B-02E76CA9F6E5"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BE0D9B3-D2F4-441F-AF96-9A4B300E7FD5"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0249F716-CD23-4315-8472-FA5CDC55A6B2"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "653AF65C-19A1-47E3-9762-FB315A8EB574"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "614FBCB3-57B9-4B14-88A8-D7D261351359"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3786E2F9-BDDF-4924-8268-AB6F3BA1CE0B"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A441F829-52BB-48D4-BC11-7C3E11CE5662"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB9D00CC-5A47-43CD-8CDE-C8109B5A2E40"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFAA278C-3A6F-4554-B1E9-E85ABCEF9719"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0334052B-C44C-4677-BA37-6D47328BC2E1"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "065B8AC4-D7B2-4914-878A-D35690CFDFFF"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81762624-E359-40A2-A7A5-BF553F13986C"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21-3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72AD3A9F-6859-48DB-A2CD-69EAE8078BBF"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E90F1EE-EF43-4DB8-B855-6D6B354845F4"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D651820-9933-4E00-A2EE-79B20EAA35B8"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E4FF707-85B2-43C5-A32A-021B63071643"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32858EF2-7D65-4616-AEB0-649CE21A3C73"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0E07CEB-EDB4-4526-A9B9-2F439A9EE003"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6717E585-5867-4616-8AD1-FEE2F967F710"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD417548-7DD2-4058-AC32-4019F47B214D"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "600185BE-98B1-4FDD-867D-153E294ED512"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E276112-4BC2-41E8-8D99-0DD23E8A25C6"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90A74403-8997-452A-8E86-AA241DB31405"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0925CDFE-8E19-4FE8-A827-509317C55AD1"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58589FCF-4341-4603-BC6C-285871623297"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:21.7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EBD00DE-9FDE-4D3F-81BD-0EE830E56645"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39867E3E-114A-438A-ACDE-1FF5BA753B1A"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AE61766-C031-4377-8F60-31C15C2F6FDC"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B93AB79-64DD-4C70-8BBA-008A66BB20F7"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C54D0A0E-58F8-4297-B8F6-71FDBCD6A59F"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "420D2A52-5D89-444F-9272-D5C89512EA72"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3E3A588-9BB0-4197-AADB-F4DAB0CDE2F9"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A221483-98AA-4B00-A14B-800A8DD8FEC3"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E54CC40-470C-4335-811B-37E3F1ED1B4F"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3FF2B95-5600-49F7-8B6D-C6B004FDC019"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "118C46C5-217C-4FD3-AAA0-D03DBD76A117"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D876584E-679C-41BD-9548-24355C038052"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE6D55AC-2199-4C7A-8243-8B821AC1B813"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FE8E132-6A89-4FC2-86AF-FDD0F821B586"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3438F124-0922-4F06-82DF-AB8539FDAEA5"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6F3632F-7137-422E-83B9-4243CDCFCC81"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18A1A4BC-DB70-4C64-ABE9-7EBE0D406FA8"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25F01A0E-1BAD-4D98-84A5-2772C7378920"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C562FF23-D427-49DF-A31A-999A09448179"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CC59192-A61E-4C8D-ADCB-805D0CB5AC06"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FA83594-FCEC-4AC1-B92D-B2EADBCC65C1"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "740D2625-6A11-4241-842B-F7AABEBC50B6"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C8511C9-7A2E-4739-9030-4932264D56AF"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9091D254-7D2F-46EA-9BCC-14E4CEFD98FD"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEE1A651-537F-491C-BEA8-D5CE8C262E53"
          },
          {
            "criteria": "cpe:2.3:a:lilo:lilo:22.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C636C4B-064C-4FBF-8C10-F05B35AA1DB1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References
