PT-2008-1777 · Freebsd+2 · Freebsd+3

Adam Tkac

Publicado

2008-01-16

Atualizado

2019-08-01

CVE-2008-0122

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ISC BIND versions 9.4.2 and earlier FreeBSD versions 6.2 through 7.0-PRERELEASE

Description The issue is caused by an off-by-one error in the inet network function in libbind in ISC BIND, which can lead to a denial of service (crash) and potentially allow execution of arbitrary code via crafted input that triggers memory corruption.

Recommendations For ISC BIND versions 9.4.2 and earlier, update to a version later than 9.4.2 to resolve the issue. For FreeBSD versions 6.2 through 7.0-PRERELEASE, consider upgrading to a newer version of FreeBSD that incorporates the fix for the inet network function in libbind.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

CVE-2008-0122

RHSA-2008:0300

RHSA-2008_0300

Produtos afetados

Freebsd

Isc Bind

Red Hat

Libbind

PT-2008-1777 · Freebsd+2 · Freebsd+3

CVE-2008-0122

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 38