CVE-2008-0384

OpenBSD 4.2 - Denial of Service via SIOCGIFRTLABEL IOCTL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0384. PoCs published by Hunger.

AI-analyzed exploit summary This exploit triggers a null pointer dereference in OpenBSD 4.2 via the SIOCGIFRTLABEL ioctl, causing a local denial of service (kernel panic). The code creates a socket and issues the malicious ioctl call, leading to a kernel crash.

Description

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hunger · cdosbsd

https://www.exploit-db.com/exploits/4935

View Code ZIP pw:eip

This exploit triggers a null pointer dereference in OpenBSD 4.2 via the SIOCGIFRTLABEL ioctl, causing a local denial of service (kernel panic). The code creates a socket and issues the malicious ioctl call, leading to a kernel crash.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: OpenBSD 4.2

No auth needed

Prerequisites: Local access to an OpenBSD 4.2 system

MITRE ATT&CK