cve-2008-0122
Vulnerability from cvelistv5
Published
2008-01-16 01:00
Modified
2024-08-07 07:32
Severity ?
Summary
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
References
secteam@freebsd.orghttp://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlMailing List, Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/28367Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/28429Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/28487Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/28579Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/29161Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/29323Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/30313Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/30538Third Party Advisory
secteam@freebsd.orghttp://secunia.com/advisories/30718Third Party Advisory
secteam@freebsd.orghttp://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.ascPatch, Vendor Advisory
secteam@freebsd.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1Broken Link
secteam@freebsd.orghttp://support.avaya.com/elmodocs2/security/ASA-2008-244.htmThird Party Advisory
secteam@freebsd.orghttp://www.isc.org/index.pl?/sw/bind/bind-security.phpVendor Advisory
secteam@freebsd.orghttp://www.kb.cert.org/vuls/id/203611Third Party Advisory, US Government Resource
secteam@freebsd.orghttp://www.redhat.com/support/errata/RHSA-2008-0300.htmlThird Party Advisory
secteam@freebsd.orghttp://www.securityfocus.com/archive/1/487000/100/0/threadedThird Party Advisory, VDB Entry
secteam@freebsd.orghttp://www.securityfocus.com/bid/27283Patch, Third Party Advisory, VDB Entry
secteam@freebsd.orghttp://www.securitytracker.com/id?1019189Third Party Advisory, VDB Entry
secteam@freebsd.orghttp://www.vupen.com/english/advisories/2008/0193Permissions Required
secteam@freebsd.orghttp://www.vupen.com/english/advisories/2008/0703Permissions Required
secteam@freebsd.orghttp://www.vupen.com/english/advisories/2008/1743/referencesPermissions Required
secteam@freebsd.orghttp://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflowThird Party Advisory
secteam@freebsd.orghttp://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167Third Party Advisory
secteam@freebsd.orghttps://bugzilla.redhat.com/show_bug.cgi?id=429149Issue Tracking, Third Party Advisory
secteam@freebsd.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/39670Third Party Advisory, VDB Entry
secteam@freebsd.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488Third Party Advisory
secteam@freebsd.orghttps://issues.rpath.com/browse/RPL-2169Third Party Advisory
secteam@freebsd.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190Third Party Advisory
secteam@freebsd.orghttps://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.htmlThird Party Advisory
secteam@freebsd.orghttps://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.htmlThird Party Advisory
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:32:24.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28579"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"
          },
          {
            "name": "RHSA-2008:0300",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"
          },
          {
            "name": "27283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27283"
          },
          {
            "name": "30538",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30538"
          },
          {
            "name": "20080124 rPSA-2008-0029-1 bind bind-utils",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"
          },
          {
            "name": "VU#203611",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/203611"
          },
          {
            "name": "FreeBSD-SA-08:02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"
          },
          {
            "name": "ADV-2008-0703",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"
          },
          {
            "name": "ADV-2008-1743",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1743/references"
          },
          {
            "name": "oval:org.mitre.oval:def:10190",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"
          },
          {
            "name": "FEDORA-2008-0904",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"
          },
          {
            "name": "28429",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28429"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2169"
          },
          {
            "name": "1019189",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019189"
          },
          {
            "name": "SUSE-SR:2008:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7\u0026heading=AIX61\u0026path=/200802/SECURITY/20080227/datafile123640\u0026label=AIX%20libc%20inet_network%20buffer%20overflow"
          },
          {
            "name": "28487",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28487"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
          },
          {
            "name": "freebsd-inetnetwork-bo(39670)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"
          },
          {
            "name": "30313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30313"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4167"
          },
          {
            "name": "30718",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30718"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
          },
          {
            "name": "29323",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29323"
          },
          {
            "name": "238493",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"
          },
          {
            "name": "29161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29161"
          },
          {
            "name": "ADV-2008-0193",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0193"
          },
          {
            "name": "28367",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28367"
          },
          {
            "name": "FEDORA-2008-0903",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
        "shortName": "freebsd"
      },
      "references": [
        {
          "name": "28579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28579"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"
        },
        {
          "name": "RHSA-2008:0300",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"
        },
        {
          "name": "27283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27283"
        },
        {
          "name": "30538",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30538"
        },
        {
          "name": "20080124 rPSA-2008-0029-1 bind bind-utils",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"
        },
        {
          "name": "VU#203611",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/203611"
        },
        {
          "name": "FreeBSD-SA-08:02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"
        },
        {
          "name": "ADV-2008-0703",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"
        },
        {
          "name": "ADV-2008-1743",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1743/references"
        },
        {
          "name": "oval:org.mitre.oval:def:10190",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"
        },
        {
          "name": "FEDORA-2008-0904",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"
        },
        {
          "name": "28429",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28429"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2169"
        },
        {
          "name": "1019189",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019189"
        },
        {
          "name": "SUSE-SR:2008:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7\u0026heading=AIX61\u0026path=/200802/SECURITY/20080227/datafile123640\u0026label=AIX%20libc%20inet_network%20buffer%20overflow"
        },
        {
          "name": "28487",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28487"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
        },
        {
          "name": "freebsd-inetnetwork-bo(39670)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"
        },
        {
          "name": "30313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30313"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4167"
        },
        {
          "name": "30718",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30718"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
        },
        {
          "name": "29323",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29323"
        },
        {
          "name": "238493",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"
        },
        {
          "name": "29161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29161"
        },
        {
          "name": "ADV-2008-0193",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0193"
        },
        {
          "name": "28367",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28367"
        },
        {
          "name": "FEDORA-2008-0903",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secteam@freebsd.org",
          "ID": "CVE-2008-0122",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28579"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=429149",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"
            },
            {
              "name": "RHSA-2008:0300",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"
            },
            {
              "name": "27283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27283"
            },
            {
              "name": "30538",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30538"
            },
            {
              "name": "20080124 rPSA-2008-0029-1 bind bind-utils",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"
            },
            {
              "name": "VU#203611",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/203611"
            },
            {
              "name": "FreeBSD-SA-08:02",
              "refsource": "FREEBSD",
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"
            },
            {
              "name": "ADV-2008-0703",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0703"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"
            },
            {
              "name": "ADV-2008-1743",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1743/references"
            },
            {
              "name": "oval:org.mitre.oval:def:10190",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"
            },
            {
              "name": "FEDORA-2008-0904",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"
            },
            {
              "name": "28429",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28429"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2169",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-2169"
            },
            {
              "name": "1019189",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019189"
            },
            {
              "name": "SUSE-SR:2008:006",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7\u0026heading=AIX61\u0026path=/200802/SECURITY/20080227/datafile123640\u0026label=AIX%20libc%20inet_network%20buffer%20overflow",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7\u0026heading=AIX61\u0026path=/200802/SECURITY/20080227/datafile123640\u0026label=AIX%20libc%20inet_network%20buffer%20overflow"
            },
            {
              "name": "28487",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28487"
            },
            {
              "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
              "refsource": "CONFIRM",
              "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
            },
            {
              "name": "freebsd-inetnetwork-bo(39670)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"
            },
            {
              "name": "30313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30313"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4167",
              "refsource": "CONFIRM",
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4167"
            },
            {
              "name": "30718",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30718"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
            },
            {
              "name": "29323",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29323"
            },
            {
              "name": "238493",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"
            },
            {
              "name": "29161",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29161"
            },
            {
              "name": "ADV-2008-0193",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0193"
            },
            {
              "name": "28367",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28367"
            },
            {
              "name": "FEDORA-2008-0903",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
    "assignerShortName": "freebsd",
    "cveId": "CVE-2008-0122",
    "datePublished": "2008-01-16T01:00:00",
    "dateReserved": "2008-01-07T00:00:00",
    "dateUpdated": "2024-08-07T07:32:24.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0122\",\"sourceIdentifier\":\"secteam@freebsd.org\",\"published\":\"2008-01-16T02:00:00.000\",\"lastModified\":\"2019-08-01T12:12:48.417\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.\"},{\"lang\":\"es\",\"value\":\"Error por un paso en la funci\u00f3n inet_network en libbind en ISC BIND 9.4.2 y versiones anteriores, como se utiliza en libc en FreeBSD 6.2 hasta la versi\u00f3n 7.0-PRERELEASE, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de entradas manipuladas que desencadenan corrupci\u00f3n de memoria.\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue did not affect the versions of GNU libc as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\\n\\nThis issue affects the versions of libbind as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5, however the vulnerable function is not used by any shipped applications.  The Red Hat Security Response Team has therefore rated this issue as having low security impact, a future update may address this flaw. \\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0122\\n\\nAn update to Red Hat Enterprise Linux 5 was released to correct this issue:\\nhttps://rhn.redhat.com/errata/RHSA-2008-0300.html\",\"lastModified\":\"2008-05-21T00:00:00\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":10.0},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.4.2\",\"matchCriteriaId\":\"27AB604E-DF87-4E96-A348-CED75A9A76FF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"99009B85-61C6-4113-B3EF-40B8F330B65C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B2D56E-32CE-4892-958A-CE339F69D63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"5320FE55-9641-4298-A2C3-98263891CAA1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"70C230AE-27C9-4EFA-B413-74A42B2D1044\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DB2F8F-0F2F-4FD4-92DC-E987B82F76C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBCED956-7969-40E0-8E45-8A8DB8C4473F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"285D90AC-242A-403F-BB38-A52459523B4A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7749CCD-6474-4E81-8C08-F44EF0C306A9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDA9DC77-22F6-45A3-9726-9E16EBBC62BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B6DB6EA-BF8A-402E-A1FD-CA674899E65E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD640B09-ABAB-4E6C-9AA4-937A4C7E63AC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C527F07A-A8A0-49DD-AEE8-095EEAF8FAA8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.2:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"831F5B5E-BA5F-449E-B172-466606A868EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D9F4FEB-30E5-4EF6-BEB6-0F1A4DE7EFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB6FC258-9735-4199-9499-ACFCEF30EE5E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"277D5B3F-A909-4135-B7AB-7A754A058AA0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D5B37F-85BA-4436-B0B5-2FF640535D68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2ADD6F7-6FC3-48A8-8942-E0CDA50D74DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"47137313-8B9D-4574-9189-1A807482D5A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DC070F4-8B34-4212-BD66-64305E8A5AFA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"99EC1D5D-C805-4BBF-9419-D9B00EAC4922\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA825CA5-84B6-4DA4-9F7F-644E532185A8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B64FDC-01C0-4A83-827D-31F477C0359B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C826F67-CA6D-4DA4-B5E9-9F4FEFE3D6D1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5666E87-F0CB-45FA-9AED-C7A0F383A559\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6032AC16-C610-4D19-96A2-FA5233FC56B5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"243B3C87-7899-4E1F-9488-D0AA0AFDDB03\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"E596C19A-0BD6-4A9E-A7E5-C86DE0616763\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A9AEE2B-EE04-4B51-B28E-E401E99BF63B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"492B1533-775F-446E-84A3-BB1BF27CC2BF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F3E8EE-7DA6-4A92-8A73-4785205E4BF6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A50D71A9-6046-46DE-9D7B-624165EAB074\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"971C97E8-1324-4F95-BD09-FBDAF127A7B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BA5765-A75D-411F-8A77-4114D5BE5CAD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"77823FF0-285C-40D5-BFCF-8B4AD6A025CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E24AD132-4334-4A3D-A035-5D9E52AD48B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A0C7D2E-D7D8-464B-8DE8-49C4552D05A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC2C60BA-E0F5-44C3-AB03-9EE8503401E0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"880342FB-2B63-4FB4-8B3A-87BFB81DEAD6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF0C9BB-9691-4382-A756-92521E2937FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDFB4A8B-8CA8-4C7A-B94E-C72F84FCEED6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.4:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1912ACC-136C-4697-9021-598EDBFDAD6D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28367\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28429\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28487\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28579\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29161\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29323\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30313\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30538\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30718\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.isc.org/index.pl?/sw/bind/bind-security.php\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/203611\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0300.html\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487000/100/0/threaded\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/27283\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1019189\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0193\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0703\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1743/references\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7\u0026heading=AIX61\u0026path=/200802/SECURITY/20080227/datafile123640\u0026label=AIX%20libc%20inet_network%20buffer%20overflow\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4167\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=429149\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39670\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-2169\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html\",\"source\":\"secteam@freebsd.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.