Lucene search

MitreCVE-2008-1095

HistoryFeb 29, 2008 - 11:44 a.m.

CVE-2008-1095

2008-02-2911:44:00

CWE-264

mitre

web.nvd.nist.gov

cve-2008-1095

vulnerability

sun solaris

ip implementation

firewall

denial of service

icmp

ip fragment

reassembly

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON

Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.

Affected configurations

Nvd

Node

sunsolarisMatch8x86

sunsolarisMatch9x86

sunsolarisMatch10x86

sunsunosMatch5.8

sunsunosMatch5.9

sunsunosMatch5.10

VendorProductVersionCPE
sunsolaris8cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
sunsolaris9cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
sunsolaris10cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
sunsunos5.8cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
sunsunos5.9cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
sunsunos5.10cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	solaris	8	cpe:2.3:o:sun:solaris:8::x86:::::
sun	solaris	9	cpe:2.3:o:sun:solaris:9::x86:::::
sun	solaris	10	cpe:2.3:o:sun:solaris:10::x86:::::
sun	sunos	5.8	cpe:2.3:o:sun:sunos:5.8:::::::*
sun	sunos	5.9	cpe:2.3:o:sun:sunos:5.9:::::::*
sun	sunos	5.10	cpe:2.3:o:sun:sunos:5.10:::::::*

References

secunia.com/advisories/29100

secunia.com/advisories/29379

sunsolve.sun.com/search/document.do?assetkey=1-66-200183-1

support.avaya.com/elmodocs2/security/ASA-2008-119.htm

www.securityfocus.com/bid/27967

www.vupen.com/english/advisories/2008/0645

exchange.xforce.ibmcloud.com/vulnerabilities/40473

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5511

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON

Related for CVE-2008-1095