CVE-2008-0122

{"id": "CVE-2008-0122", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-16T02:00:00.000", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/28367", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/28429", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/28487", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/28579", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/29161", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/29323", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/30313", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/30538", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://secunia.com/advisories/30718", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc", "tags": ["Patch", "Vendor Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1", "tags": ["Broken Link"], "source": "secteam@freebsd.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "tags": ["Vendor Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://www.kb.cert.org/vuls/id/203611", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secteam@freebsd.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "http://www.securityfocus.com/bid/27283", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "http://www.securitytracker.com/id?1019189", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0193", "tags": ["Permissions Required"], "source": "secteam@freebsd.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0703", "tags": ["Permissions Required"], "source": "secteam@freebsd.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1743/references", "tags": ["Permissions Required"], "source": "secteam@freebsd.org"}, {"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secteam@freebsd.org"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://issues.rpath.com/browse/RPL-2169", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."}, {"lang": "es", "value": "Error por un paso en la funci\u00f3n inet_network en libbind en ISC BIND 9.4.2 y versiones anteriores, como se utiliza en libc en FreeBSD 6.2 hasta la versi\u00f3n 7.0-PRERELEASE, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de entradas manipuladas que desencadenan corrupci\u00f3n de memoria."}], "lastModified": "2019-08-01T12:12:48.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27AB604E-DF87-4E96-A348-CED75A9A76FF", "versionEndIncluding": "9.4.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99009B85-61C6-4113-B3EF-40B8F330B65C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34B2D56E-32CE-4892-958A-CE339F69D63C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p10:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5320FE55-9641-4298-A2C3-98263891CAA1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p11:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "70C230AE-27C9-4EFA-B413-74A42B2D1044"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p12:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E9DB2F8F-0F2F-4FD4-92DC-E987B82F76C1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BBCED956-7969-40E0-8E45-8A8DB8C4473F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p5:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "285D90AC-242A-403F-BB38-A52459523B4A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p6:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B7749CCD-6474-4E81-8C08-F44EF0C306A9"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p7:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDA9DC77-22F6-45A3-9726-9E16EBBC62BB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p8:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0B6DB6EA-BF8A-402E-A1FD-CA674899E65E"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p9:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD640B09-ABAB-4E6C-9AA4-937A4C7E63AC"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:rc1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C527F07A-A8A0-49DD-AEE8-095EEAF8FAA8"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:rc2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "831F5B5E-BA5F-449E-B172-466606A868EB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D9F4FEB-30E5-4EF6-BEB6-0F1A4DE7EFB9"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB6FC258-9735-4199-9499-ACFCEF30EE5E"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p10:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "277D5B3F-A909-4135-B7AB-7A754A058AA0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p11:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8D5B37F-85BA-4436-B0B5-2FF640535D68"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p12:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2ADD6F7-6FC3-48A8-8942-E0CDA50D74DB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p13:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "47137313-8B9D-4574-9189-1A807482D5A0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p14:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DC070F4-8B34-4212-BD66-64305E8A5AFA"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p15:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99EC1D5D-C805-4BBF-9419-D9B00EAC4922"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA825CA5-84B6-4DA4-9F7F-644E532185A8"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90B64FDC-01C0-4A83-827D-31F477C0359B"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C826F67-CA6D-4DA4-B5E9-9F4FEFE3D6D1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p5:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5666E87-F0CB-45FA-9AED-C7A0F383A559"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p6:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6032AC16-C610-4D19-96A2-FA5233FC56B5"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p7:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "243B3C87-7899-4E1F-9488-D0AA0AFDDB03"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p8:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E596C19A-0BD6-4A9E-A7E5-C86DE0616763"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p9:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A9AEE2B-EE04-4B51-B28E-E401E99BF63B"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:rc2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "492B1533-775F-446E-84A3-BB1BF27CC2BF"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0F3E8EE-7DA6-4A92-8A73-4785205E4BF6"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A50D71A9-6046-46DE-9D7B-624165EAB074"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p10:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "971C97E8-1324-4F95-BD09-FBDAF127A7B0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p11:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F1BA5765-A75D-411F-8A77-4114D5BE5CAD"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77823FF0-285C-40D5-BFCF-8B4AD6A025CD"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E24AD132-4334-4A3D-A035-5D9E52AD48B6"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5A0C7D2E-D7D8-464B-8DE8-49C4552D05A0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p5:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC2C60BA-E0F5-44C3-AB03-9EE8503401E0"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p6:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "880342FB-2B63-4FB4-8B3A-87BFB81DEAD6"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p7:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2EF0C9BB-9691-4382-A756-92521E2937FC"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p8:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EDFB4A8B-8CA8-4C7A-B94E-C72F84FCEED6"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p9:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1912ACC-136C-4697-9021-598EDBFDAD6D"}], "operator": "OR"}], "operator": "AND"}], "vendorComments": [{"comment": "This issue did not affect the versions of GNU libc as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n\nThis issue affects the versions of libbind as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5, however the vulnerable function is not used by any shipped applications. The Red Hat Security Response Team has therefore rated this issue as having low security impact, a future update may address this flaw. \nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0122\n\nAn update to Red Hat Enterprise Linux 5 was released to correct this issue:\nhttps://rhn.redhat.com/errata/RHSA-2008-0300.html", "lastModified": "2008-05-21T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secteam@freebsd.org"}