CVE-2008-1383

N/A Unknown
Published: March 18, 2008 Modified: April 23, 2026
View on NVD

Description

The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/43479
Source: cve@mitre.org
http://secunia.com/advisories/29436
Source: cve@mitre.org
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-30.xml
Source: cve@mitre.org
http://www.securityfocus.com/bid/28350
Source: cve@mitre.org
https://bugs.gentoo.org/show_bug.cgi?id=174759
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/41336
Source: cve@mitre.org
http://osvdb.org/43479
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29436
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200803-30.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/28350
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugs.gentoo.org/show_bug.cgi?id=174759
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/41336
Source: af854a3a-2127-422b-91ae-364da2661108

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.2%
11th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-310

Affected Vendors

gentoo

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8