Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3648

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3648
Last Modified 23 Jan 2009 01:40:10
Published 12 Aug 2008 07:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3648

Summary

nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008.

Vulnerable Systems

Operating System

  • Microsoft Windows Xp


References

XF - win-nslookup-code-execution(44423)

SECTRACK - 1020711

BID - 30636

MISC - http://www.nullcode.com.ar/ncs/crash/nsloo.htm

MISC - http://packetstormsecurity.org/0808-advisories/Nslookup-Crash.txt


Last Updated: 27 May 2016 10:48:15