Search for vulnerabilities
Vulnerability details: VCID-cyar-2z8b-aaad
Vulnerability ID VCID-cyar-2z8b-aaad
Aliases CVE-2008-0122
Summary Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-189 Numeric Errors
CWE-193 Off-by-one Error
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2008:0300
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01616 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01942 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01985 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.01985 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.02108 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.02108 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.0218 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.08409 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.21467 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.21467 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.21467 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
epss 0.21467 https://api.first.org/data/v1/epss?cve=CVE-2008-0122
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2008-0122
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0122.json
https://api.first.org/data/v1/epss?cve=CVE-2008-0122
https://bugzilla.redhat.com/show_bug.cgi?id=429149
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122
http://secunia.com/advisories/28367
http://secunia.com/advisories/28429
http://secunia.com/advisories/28487
http://secunia.com/advisories/28579
http://secunia.com/advisories/29161
http://secunia.com/advisories/29323
http://secunia.com/advisories/30313
http://secunia.com/advisories/30538
http://secunia.com/advisories/30718
http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc
https://exchange.xforce.ibmcloud.com/vulnerabilities/39670
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
https://issues.rpath.com/browse/RPL-2169
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1
http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html
http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/203611
http://www.redhat.com/support/errata/RHSA-2008-0300.html
http://www.securityfocus.com/archive/1/487000/100/0/threaded
http://www.securityfocus.com/bid/27283
http://www.securitytracker.com/id?1019189
http://www.vupen.com/english/advisories/2008/0193
http://www.vupen.com/english/advisories/2008/0703
http://www.vupen.com/english/advisories/2008/1743/references
CVE-2008-0122 https://nvd.nist.gov/vuln/detail/CVE-2008-0122
RHSA-2008:0300 https://access.redhat.com/errata/RHSA-2008:0300
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-0122
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87812
EPSS Score 0.01605
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.