Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3910

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3910
Last Modified 03 Oct 2008 01:42:34
Published 04 Sep 2008 01:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3910

Summary

dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact.

Vulnerable Systems

Application

  • Hsc Dns2tcp 0.4


References

XF - dns2tcp-dnssimpledecode-dnsdecode-bo(44974)

BID - 31080

MLIST - [oss-security] 20080904 CVE id request: dns2tcp

CONFIRM - http://www.hsc.fr/ressources/outils/dns2tcp/index.html.en


Last Updated: 27 May 2016 10:48:20