Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2008-0384

Published

16 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Share on Facebook
Share on LinkedIn
Share on Twitter

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked..

CVSSv2.0 Score

Severity: Medium
Base Score: 4.9/10
Exploit Score: 3.9/10
Access Vector: Local
Access Complexity: Low
Authentication Required: None
Impact Score: 6.9/10
Confidentiality Impact: None
Availability Impact: Complete
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding	Edit
cpe:2.3:o:openbsd:openbsd:4.2:::::::*	Yes	-	-

References

http://marc.info/?l=openbsd-security-announce&m=120007327504064
http://www.openbsd.org/errata42.html#005_ifrtlabel
http://www.securityfocus.com/bid/27252
http://www.securitytracker.com/id?1019188
http://secunia.com/advisories/28473
https://www.exploit-db.com/exploits/4935