{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd"}, "references": [{"name": "28579", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28579"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, {"name": "RHSA-2008:0300", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"}, {"name": "27283", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27283"}, {"name": "30538", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30538"}, {"name": "20080124 rPSA-2008-0029-1 bind bind-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"}, {"name": "VU#203611", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/203611"}, {"name": "FreeBSD-SA-08:02", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"}, {"name": "ADV-2008-0703", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0703"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"}, {"name": "ADV-2008-1743", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1743/references"}, {"name": "oval:org.mitre.oval:def:10190", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"}, {"name": "FEDORA-2008-0904", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"}, {"name": "28429", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28429"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2169"}, {"name": "1019189", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019189"}, {"name": "SUSE-SR:2008:006", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow"}, {"name": "28487", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28487"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "freebsd-inetnetwork-bo(39670)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"}, {"name": "30313", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30313"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167"}, {"name": "30718", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30718"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"}, {"name": "29323", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29323"}, {"name": "238493", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"}, {"name": "29161", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29161"}, {"name": "ADV-2008-0193", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0193"}, {"name": "28367", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28367"}, {"name": "FEDORA-2008-0903", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secteam@freebsd.org", "ID": "CVE-2008-0122", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "28579", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28579"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=429149", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, {"name": "RHSA-2008:0300", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"}, {"name": "27283", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27283"}, {"name": "30538", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30538"}, {"name": "20080124 rPSA-2008-0029-1 bind bind-utils", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"}, {"name": "VU#203611", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/203611"}, {"name": "FreeBSD-SA-08:02", "refsource": "FREEBSD", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"}, {"name": "ADV-2008-0703", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0703"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"}, {"name": "ADV-2008-1743", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1743/references"}, {"name": "oval:org.mitre.oval:def:10190", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"}, {"name": "FEDORA-2008-0904", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"}, {"name": "28429", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28429"}, {"name": "https://issues.rpath.com/browse/RPL-2169", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2169"}, {"name": "1019189", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019189"}, {"name": "SUSE-SR:2008:006", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"}, {"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow", "refsource": "CONFIRM", "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow"}, {"name": "28487", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28487"}, {"name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "refsource": "CONFIRM", "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "freebsd-inetnetwork-bo(39670)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"}, {"name": "30313", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30313"}, {"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167", "refsource": "CONFIRM", "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167"}, {"name": "30718", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30718"}, {"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488", "refsource": "CONFIRM", "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"}, {"name": "29323", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29323"}, {"name": "238493", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"}, {"name": "29161", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29161"}, {"name": "ADV-2008-0193", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0193"}, {"name": "28367", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28367"}, {"name": "FEDORA-2008-0903", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:32:24.383Z"}, "title": "CVE Program Container", "references": [{"name": "28579", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28579"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, {"name": "RHSA-2008:0300", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"}, {"name": "27283", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27283"}, {"name": "30538", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30538"}, {"name": "20080124 rPSA-2008-0029-1 bind bind-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"}, {"name": "VU#203611", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/203611"}, {"name": "FreeBSD-SA-08:02", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"}, {"name": "ADV-2008-0703", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0703"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"}, {"name": "ADV-2008-1743", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1743/references"}, {"name": "oval:org.mitre.oval:def:10190", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"}, {"name": "FEDORA-2008-0904", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"}, {"name": "28429", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28429"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2169"}, {"name": "1019189", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019189"}, {"name": "SUSE-SR:2008:006", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow"}, {"name": "28487", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28487"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "freebsd-inetnetwork-bo(39670)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"}, {"name": "30313", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30313"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167"}, {"name": "30718", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30718"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"}, {"name": "29323", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29323"}, {"name": "238493", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"}, {"name": "29161", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29161"}, {"name": "ADV-2008-0193", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0193"}, {"name": "28367", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28367"}, {"name": "FEDORA-2008-0903", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"}]}]}, "cveMetadata": {"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2008-0122", "datePublished": "2008-01-16T01:00:00", "dateReserved": "2008-01-07T00:00:00", "dateUpdated": "2024-08-07T07:32:24.383Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "27AB604E-DF87-4E96-A348-CED75A9A76FF", "versionEndIncluding": "9.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:-:*:*:*:*:*:*", "matchCriteriaId": "99009B85-61C6-4113-B3EF-40B8F330B65C", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p1:*:*:*:*:*:*", "matchCriteriaId": "34B2D56E-32CE-4892-958A-CE339F69D63C", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p10:*:*:*:*:*:*", "matchCriteriaId": "5320FE55-9641-4298-A2C3-98263891CAA1", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p11:*:*:*:*:*:*", "matchCriteriaId": "70C230AE-27C9-4EFA-B413-74A42B2D1044", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p12:*:*:*:*:*:*", "matchCriteriaId": "E9DB2F8F-0F2F-4FD4-92DC-E987B82F76C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p4:*:*:*:*:*:*", "matchCriteriaId": "BBCED956-7969-40E0-8E45-8A8DB8C4473F", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p5:*:*:*:*:*:*", "matchCriteriaId": "285D90AC-242A-403F-BB38-A52459523B4A", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p6:*:*:*:*:*:*", "matchCriteriaId": "B7749CCD-6474-4E81-8C08-F44EF0C306A9", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p7:*:*:*:*:*:*", "matchCriteriaId": "DDA9DC77-22F6-45A3-9726-9E16EBBC62BB", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p8:*:*:*:*:*:*", "matchCriteriaId": "0B6DB6EA-BF8A-402E-A1FD-CA674899E65E", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:p9:*:*:*:*:*:*", "matchCriteriaId": "DD640B09-ABAB-4E6C-9AA4-937A4C7E63AC", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "C527F07A-A8A0-49DD-AEE8-095EEAF8FAA8", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "831F5B5E-BA5F-449E-B172-466606A868EB", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*", "matchCriteriaId": "2D9F4FEB-30E5-4EF6-BEB6-0F1A4DE7EFB9", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p1:*:*:*:*:*:*", "matchCriteriaId": "BB6FC258-9735-4199-9499-ACFCEF30EE5E", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p10:*:*:*:*:*:*", "matchCriteriaId": "277D5B3F-A909-4135-B7AB-7A754A058AA0", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p11:*:*:*:*:*:*", "matchCriteriaId": "E8D5B37F-85BA-4436-B0B5-2FF640535D68", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p12:*:*:*:*:*:*", "matchCriteriaId": "B2ADD6F7-6FC3-48A8-8942-E0CDA50D74DB", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p13:*:*:*:*:*:*", "matchCriteriaId": "47137313-8B9D-4574-9189-1A807482D5A0", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p14:*:*:*:*:*:*", "matchCriteriaId": "3DC070F4-8B34-4212-BD66-64305E8A5AFA", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p15:*:*:*:*:*:*", "matchCriteriaId": "99EC1D5D-C805-4BBF-9419-D9B00EAC4922", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p2:*:*:*:*:*:*", "matchCriteriaId": "BA825CA5-84B6-4DA4-9F7F-644E532185A8", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p3:*:*:*:*:*:*", "matchCriteriaId": "90B64FDC-01C0-4A83-827D-31F477C0359B", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p4:*:*:*:*:*:*", "matchCriteriaId": "6C826F67-CA6D-4DA4-B5E9-9F4FEFE3D6D1", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p5:*:*:*:*:*:*", "matchCriteriaId": "D5666E87-F0CB-45FA-9AED-C7A0F383A559", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p6:*:*:*:*:*:*", "matchCriteriaId": "6032AC16-C610-4D19-96A2-FA5233FC56B5", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p7:*:*:*:*:*:*", "matchCriteriaId": "243B3C87-7899-4E1F-9488-D0AA0AFDDB03", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p8:*:*:*:*:*:*", "matchCriteriaId": "E596C19A-0BD6-4A9E-A7E5-C86DE0616763", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:p9:*:*:*:*:*:*", "matchCriteriaId": "6A9AEE2B-EE04-4B51-B28E-E401E99BF63B", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "492B1533-775F-446E-84A3-BB1BF27CC2BF", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:-:*:*:*:*:*:*", "matchCriteriaId": "F0F3E8EE-7DA6-4A92-8A73-4785205E4BF6", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p1:*:*:*:*:*:*", "matchCriteriaId": "A50D71A9-6046-46DE-9D7B-624165EAB074", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p10:*:*:*:*:*:*", "matchCriteriaId": "971C97E8-1324-4F95-BD09-FBDAF127A7B0", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p11:*:*:*:*:*:*", "matchCriteriaId": "F1BA5765-A75D-411F-8A77-4114D5BE5CAD", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p2:*:*:*:*:*:*", "matchCriteriaId": "77823FF0-285C-40D5-BFCF-8B4AD6A025CD", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p3:*:*:*:*:*:*", "matchCriteriaId": "E24AD132-4334-4A3D-A035-5D9E52AD48B6", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p4:*:*:*:*:*:*", "matchCriteriaId": "5A0C7D2E-D7D8-464B-8DE8-49C4552D05A0", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p5:*:*:*:*:*:*", "matchCriteriaId": "AC2C60BA-E0F5-44C3-AB03-9EE8503401E0", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p6:*:*:*:*:*:*", "matchCriteriaId": "880342FB-2B63-4FB4-8B3A-87BFB81DEAD6", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p7:*:*:*:*:*:*", "matchCriteriaId": "2EF0C9BB-9691-4382-A756-92521E2937FC", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p8:*:*:*:*:*:*", "matchCriteriaId": "EDFB4A8B-8CA8-4C7A-B94E-C72F84FCEED6", "vulnerable": false}, {"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:p9:*:*:*:*:*:*", "matchCriteriaId": "A1912ACC-136C-4697-9021-598EDBFDAD6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."}, {"lang": "es", "value": "Error por un paso en la funci\u00f3n inet_network en libbind en ISC BIND 9.4.2 y versiones anteriores, como se utiliza en libc en FreeBSD 6.2 hasta la versi\u00f3n 7.0-PRERELEASE, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de entradas manipuladas que desencadenan corrupci\u00f3n de memoria."}], "id": "CVE-2008-0122", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-16T02:00:00.000", "references": [{"source": "secteam@freebsd.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28367"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28429"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28487"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28579"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29161"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29323"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30313"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30538"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30718"}, {"source": "secteam@freebsd.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"}, {"source": "secteam@freebsd.org", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"}, {"source": "secteam@freebsd.org", "tags": ["Vendor Advisory"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/203611"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"}, {"source": "secteam@freebsd.org", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/27283"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1019189"}, {"source": "secteam@freebsd.org", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/0193"}, {"source": "secteam@freebsd.org", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/0703"}, {"source": "secteam@freebsd.org", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/1743/references"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167"}, {"source": "secteam@freebsd.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://issues.rpath.com/browse/RPL-2169"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"}, {"source": "secteam@freebsd.org", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28487"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/28579"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29161"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29323"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30313"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30538"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30718"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-244.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/203611"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0300.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/487000/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/27283"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1019189"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/0193"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/0703"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/1743/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile123640&label=AIX%20libc%20inet_network%20buffer%20overflow"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://issues.rpath.com/browse/RPL-2169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html"}], "sourceIdentifier": "secteam@freebsd.org", "vendorComments": [{"comment": "This issue did not affect the versions of GNU libc as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n\nThis issue affects the versions of libbind as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5, however the vulnerable function is not used by any shipped applications.  The Red Hat Security Response Team has therefore rated this issue as having low security impact, a future update may address this flaw. \nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0122\n\nAn update to Red Hat Enterprise Linux 5 was released to correct this issue:\nhttps://rhn.redhat.com/errata/RHSA-2008-0300.html", "lastModified": "2008-05-21T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2008:0300", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "bind-30:9.3.4-6.P1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-05-20T00:00:00Z"}], "bugzilla": {"description": "libbind off-by-one buffer overflow", "id": "429149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429149"}, "csaw": false, "cwe": "CWE-193", "details": ["Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."], "name": "CVE-2008-0122", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 4"}], "public_date": "2008-01-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-0122\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-0122"], "statement": "This issue did not affect the versions of GNU libc as shipped with Red Hat\nEnterprise Linux 2.1, 3, 4, or 5.\nThis issue affects the versions of libbind as shipped with Red Hat Enterprise\nLinux 2.1, 3, 4, and 5, however the vulnerable function is not used by any\nshipped applications.  The Red Hat Security Response Team has therefore rated\nthis issue as having low security impact, a future update may address this flaw. \nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0122", "threat_severity": "Low"}