Back to CVE Browser

CVE-2008-0003

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1720%

EPSS Percentile26.70th

PublishedJan 8, 2008

Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360.

Affected Platforms (CPE)

📦

Openpegasus

Management Server

= 2.6.1

References & Advisories

🔗 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01438409

🔗 http://lists.vmware.com/pipermail/security-announce/2008/000014.html

🔗 http://osvdb.org/40082

🔗 http://secunia.com/advisories/28338

🔗 http://secunia.com/advisories/28462

🔗 http://secunia.com/advisories/29056

🔗 http://secunia.com/advisories/29785

🔗 http://secunia.com/advisories/29986

Related Vulnerabilities

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...