Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0384

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2008-0384
Last Modified 05 Sep 2008 05:34:55
Published 22 Jan 2008 03:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-0384

Summary

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

Vulnerable Systems

Application

  • Openbsd 4.2


References

SECTRACK - 1019188

BID - 27252

OPENBSD - [4.2] 20080111 005: RELIABILITY FIX: January 11, 2008

MILW0RM - 4935

SECUNIA - 28473

MLIST - [openbsd-security-announce] 20080111 errata 005 for OpenBSD 4.2: local users can provoke a kernel panic


Last Updated: 27 May 2016 10:46:47