CVE-2008-6800

CVE-2008-6800 is a security vulnerability that is still awaiting full analysis and scoring.

Key facts

Description

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not a security issue. It was originally created based on one vendor's misinterpretation of an upstream changelog comment that referred to a race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32. The upstream vendor states: "The Samba Team sees no way to exploit this race condition by a user of the system or an external attacker. In order to be able to trigger the race condition a privileged user (root) need to intentionally kill a winbind child process and carefully time the killing to trigger the race condition. Although, if the user is already privileged, it can more easily just kill the parent process directly." CVE concurs with the dispute. Notes: CVE users should not use this identifier

Frequently asked questions

What is CVE-2008-6800?
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not a security issue. It was originally created based on one vendor's misinterpretation of an upstream changelog comment that referred to a race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32. The upstream vendor states: "The Samba Team sees no way to exploit this race condition by a user of the system or an external attacker. In order to be able to trigger the race condition a privileged user (root) need to intentionally kill a winbind child process and carefully time the killing to trigger the race condition. Although, if the user is already privileged, it can more easily just kill the parent process directly." CVE concurs with the dispute. Notes: CVE users should not use this identifier
Is CVE-2008-6800 being actively exploited?
It is not currently listed in CISA's Known Exploited Vulnerabilities catalog, and no EPSS exploit-prediction score is available yet.
How do I fix CVE-2008-6800?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2008-6800 published?
CVE-2008-6800 was published on 2009-05-07 and last updated on 2023-11-07.