返回 CVE 浏览器

CVE-2008-0122

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1700%

EPSS Percentile7.31th

Published2008年1月16日

Last Modified2026年4月23日

Vulnerability Description

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

Affected Platforms (CPE)

📦

Isc

Bind

<= 9.4.2

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html

🔗 http://secunia.com/advisories/28367

🔗 http://secunia.com/advisories/28429

🔗 http://secunia.com/advisories/28487

🔗 http://secunia.com/advisories/28579

🔗 http://secunia.com/advisories/29161

🔗 http://secunia.com/advisories/29323

🔗 http://secunia.com/advisories/30313

相关漏洞威胁

CVE-1999-038510.0

The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execu...

CVE-1999-000910.0

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

CVE-2019-2513610.0

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and ...

CVE-1999-083510.0

Denial of service in BIND named via malformed SIG records.