CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0122

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1700%
EPSS Percentile7.31th
PublishedJan 16, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

Affected Platforms (CPE)

πŸ“¦
Isc

Bind

<= 9.4.2

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
πŸ”— http://secunia.com/advisories/28367
πŸ”— http://secunia.com/advisories/28429
πŸ”— http://secunia.com/advisories/28487
πŸ”— http://secunia.com/advisories/28579
πŸ”— http://secunia.com/advisories/29161
πŸ”— http://secunia.com/advisories/29323
πŸ”— http://secunia.com/advisories/30313

Related Vulnerabilities

CVE-1999-038510.0

The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execu...

CVE-1999-000910.0

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

CVE-2019-2513610.0

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and ...

CVE-1999-083510.0

Denial of service in BIND named via malformed SIG records.