PT-2008-1127 · Conserver+1
Robin Johnson · Published 2008-03-18 · Updated 2017-08-08 · CVE-2008-1383
CVSS v2.0: 1.9 (Low)
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Gentoo Linux (affected versions not specified)
conserver versions prior to 8.1.16
Description
The issue affects Gentoo Linux and concerns the handling of SSL keys and certificates. The docert function in ssl-cert.eclass, when used by src_compile or src_install, stores the SSL key in a binpkg, which allows local users to extract the key. As a result, every system that installs this binpkg uses the same SSL key and certificate. The conserver package is also affected: the vulnerability can lead to a breach of protected information and can be exploited locally.
Recommendations
For conserver versions prior to 8.1.16, update to version 8.1.16 or later.
At the moment, there is no information about a newer version of Gentoo Linux that contains a fix for this vulnerability.
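An added audit example, not part of the original advisory and not Gentoo's or conserver's code: it lists the files inside a binary package that contain a PEM private key, which is the condition the description attributes to docert. It assumes the package can be read as a bzip2-compressed tar archive; the sample package, its paths and the key body are constructed placeholders.

```python
import io
import re
import tarfile

# PEM header of a private key (PKCS#8, RSA, EC, DSA, encrypted variants).
PRIVATE_KEY_RE = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")


def find_private_keys(binpkg, max_bytes=1 << 20):
    """Return sorted member paths whose first max_bytes contain a PEM private key."""
    hits = []
    with tarfile.open(fileobj=binpkg, mode="r:bz2") as tar:
        for member in tar:
            if not member.isfile():
                continue  # skip directories, symlinks, devices
            data = tar.extractfile(member).read(max_bytes)
            if PRIVATE_KEY_RE.search(data):
                hits.append(member.name)
    return sorted(hits)


def build_sample_package(files):
    """Constructed sample: an in-memory tar.bz2 built from {path: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:bz2") as tar:
        for path, content in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    buf.seek(0)
    return buf


# Constructed sample contents; paths and key material are placeholders.
SAMPLE_FILES = {
    "etc/example/ssl/server.key":
        b"-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n-----END RSA PRIVATE KEY-----\n",
    "etc/example/ssl/server.crt":
        b"-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n",
    "usr/bin/example": b"\x7fELF placeholder",
}

if __name__ == "__main__":
    for path in find_private_keys(build_sample_package(SAMPLE_FILES)):
        print("private key shipped in package:", path)
```

Any path reported means the key was generated at build time and is shared by every host that installs the package; such keys and certificates need to be regenerated per host.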
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Gentoo Linux
Conserver