CVE-2008-1056
Symark PowerBroker 2.8-5.0.1 - Local Privilege Escalation via Long argv[0] String
Title source: llmDescription
Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh. NOTE: the product is often installed in environments with trust relationships that facilitate subsequent remote compromises.
References (5)
Core 5
Core References
Exploit x_refsource_misc
http://www.mnin.org/advisories/2008_symarkpb.pdf
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29111
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28015
Patch x_refsource_confirm
http://www.symark.com/support/PBFeb2008Announcement.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40872
Scores
EPSS
0.0042
EPSS Percentile
33.9%
Details
CWE
CWE-119
Status
published
Products (7)
symark/powerbroker
2.8
symark/powerbroker
3.0
symark/powerbroker
3.2
symark/powerbroker
3.5
symark/powerbroker
4.0
symark/powerbroker
5.0
symark/powerbroker
5.01
Published
Feb 28, 2008
Tracked Since
Feb 18, 2026