CVE-2008-3896

Currently unrated

Key Information:

Vendor: Gnu
Status: Grub Legacy
Vendor: CVE Published:; 3 September 2008

Summary

Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.

References

http://www.securityfocus.com/archive/1/495726/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securityreason.com/securityalert/4206

third-party-advisoryx_refsource_SREASON

http://www.ivizsecurity.com/preboot-patch.html

x_refsource_MISC

Timeline

Vulnerability published
Sep 3, 2008
Vulnerability Reserved
Sep 3, 2008