10

CVE-2008-0122

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version <= 9.4.2
   FreebsdFreebsd Version6.2 Update-
   FreebsdFreebsd Version6.2 Updatep1
   FreebsdFreebsd Version6.2 Updatep10
   FreebsdFreebsd Version6.2 Updatep11
   FreebsdFreebsd Version6.2 Updatep12
   FreebsdFreebsd Version6.2 Updatep4
   FreebsdFreebsd Version6.2 Updatep5
   FreebsdFreebsd Version6.2 Updatep6
   FreebsdFreebsd Version6.2 Updatep7
   FreebsdFreebsd Version6.2 Updatep8
   FreebsdFreebsd Version6.2 Updatep9
   FreebsdFreebsd Version6.2 Updaterc1
   FreebsdFreebsd Version6.2 Updaterc2
   FreebsdFreebsd Version6.3 Update-
   FreebsdFreebsd Version6.3 Updatep1
   FreebsdFreebsd Version6.3 Updatep10
   FreebsdFreebsd Version6.3 Updatep11
   FreebsdFreebsd Version6.3 Updatep12
   FreebsdFreebsd Version6.3 Updatep13
   FreebsdFreebsd Version6.3 Updatep14
   FreebsdFreebsd Version6.3 Updatep15
   FreebsdFreebsd Version6.3 Updatep2
   FreebsdFreebsd Version6.3 Updatep3
   FreebsdFreebsd Version6.3 Updatep4
   FreebsdFreebsd Version6.3 Updatep5
   FreebsdFreebsd Version6.3 Updatep6
   FreebsdFreebsd Version6.3 Updatep7
   FreebsdFreebsd Version6.3 Updatep8
   FreebsdFreebsd Version6.3 Updatep9
   FreebsdFreebsd Version6.3 Updaterc2
   FreebsdFreebsd Version6.4 Update-
   FreebsdFreebsd Version6.4 Updatep1
   FreebsdFreebsd Version6.4 Updatep10
   FreebsdFreebsd Version6.4 Updatep11
   FreebsdFreebsd Version6.4 Updatep2
   FreebsdFreebsd Version6.4 Updatep3
   FreebsdFreebsd Version6.4 Updatep4
   FreebsdFreebsd Version6.4 Updatep5
   FreebsdFreebsd Version6.4 Updatep6
   FreebsdFreebsd Version6.4 Updatep7
   FreebsdFreebsd Version6.4 Updatep8
   FreebsdFreebsd Version6.4 Updatep9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.3% 0.957
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Vendor Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/29323
Third Party Advisory
http://secunia.com/advisories/30313
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0300.html
Third Party Advisory
http://secunia.com/advisories/28367
Third Party Advisory
http://secunia.com/advisories/28429
Third Party Advisory
http://secunia.com/advisories/28487
Third Party Advisory
http://secunia.com/advisories/28579
Third Party Advisory
http://secunia.com/advisories/29161
Third Party Advisory
http://secunia.com/advisories/30538
Third Party Advisory
http://secunia.com/advisories/30718
Third Party Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc
Patch
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm
Third Party Advisory
http://www.kb.cert.org/vuls/id/203611
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/487000/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/27283
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1019189
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/0193
Permissions Required
http://www.vupen.com/english/advisories/2008/0703
Permissions Required
http://www.vupen.com/english/advisories/2008/1743/references
Permissions Required
http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow
Third Party Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=429149
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/39670
Third Party Advisory
VDB Entry
https://issues.rpath.com/browse/RPL-2169
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html
Third Party Advisory