CVE-2008-0384

Openbsd - Denial of Service

Title source: rule

Description

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hunger · cdosbsd

https://www.exploit-db.com/exploits/4935

View Code ZIP pw:eip

References (6)

[Mailing List] http://marc.info/?l=openbsd-security-announce&m=120007327504064

[Vendor Advisory] http://secunia.com/advisories/28473

[Various Sources] http://www.openbsd.org/errata42.html#005_ifrtlabel

[Exploit] http://www.securityfocus.com/bid/27252

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1019188

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4935

Scores

EPSS 0.0033

EPSS Percentile 55.6%

Details

Status published

Products (1)

openbsd/openbsd 4.2

Published Jan 22, 2008

Tracked Since Feb 18, 2026