CVE-2008-3323
CVE-2008-3323 · HIGH Severity
AV:N/AC:H/AU:N/C:C/I:C/A:C
setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package.
Learn more about our Cis Benchmark Audit For Server Software.