CVE-2008-0122

ISC BIND < 9.4.2 - Denial of Service and Possible Remote Code Execution via Off-by-One Error in inet_network

Title source: llm
STIX 2.1

Description

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

References (31)

Core 31
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30538
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28579
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=429149
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0300.html
Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27283
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487000/100/0/threaded
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/203611
Patch, Vendor Advisory vendor-advisory x_refsource_freebsd
http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0703
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1743/references
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28429
Third Party Advisory x_refsource_confirm
https://issues.rpath.com/browse/RPL-2169
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019189
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28487
Vendor Advisory x_refsource_confirm
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39670
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30313
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30718
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29323
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29161
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0193
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28367
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html

Scores

EPSS 0.0172
EPSS Percentile 82.6%

Details

CWE
CWE-189
Status published
Products (1)
isc/bind < 9.4.2
Published Jan 16, 2008
Tracked Since Feb 18, 2026