Unrated severityNVD Advisory· Published Mar 18, 2008· Updated Apr 23, 2026

CVE-2008-1383

Description

The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

File Project/Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
File Project/ssl-cert.eclassllm-create

Patches

Vulnerability mechanics

References

secunia.com/advisories/29436nvdVendor Advisory
osvdb.org/43479nvd
security.gentoo.org/glsa/glsa-200803-30.xmlnvd
www.securityfocus.com/bid/28350nvd
bugs.gentoo.org/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/41336nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000