Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0122

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0122
Last Modified 30 Aug 2011 12:00:00
Published 15 Jan 2008 09:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0122

Summary

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

Vulnerable Systems

Application

  • Isc Bind 9.4.2


References

CERT-VN - VU#203611

BID - 27283

FREEBSD - FreeBSD-SA-08:02

FEDORA - FEDORA-2008-0904

FEDORA - FEDORA-2008-0903

CONFIRM - https://issues.rpath.com/browse/RPL-2169

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=429149

XF - freebsd-inetnetwork-bo(39670)

CONFIRM - http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167

CONFIRM - http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow

VUPEN - ADV-2008-1743

VUPEN - ADV-2008-0703

VUPEN - ADV-2008-0193

SECTRACK - 1019189

BUGTRAQ - 20080124 rPSA-2008-0029-1 bind bind-utils

REDHAT - RHSA-2008:0300

CONFIRM - http://www.isc.org/index.pl?/sw/bind/bind-security.php

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm

SUNALERT - 238493

SECUNIA - 30718

SECUNIA - 30538

SECUNIA - 30313

SECUNIA - 29323

SECUNIA - 29161

SECUNIA - 28579

SECUNIA - 28487

SECUNIA - 28429

SECUNIA - 28367

SUSE - SUSE-SR:2008:006


Last Updated: 27 May 2016 10:46:40