CVE-2008-5397
published 2008-12-09CVE-2008-5397: Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging…
high7.2CVSS 3.1
AVLACLAuNCCICAC
Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
Affected
105 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tor | < tor 0.2.0.32-1 (bookworm) | tor 0.2.0.32-1 (bookworm) |
| tor | tor | <= 0.1.2.31 | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
CVSS provenance
nvd7.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH