Lucene search

MitreCVE-2008-1708

HistoryApr 09, 2008 - 7:05 p.m.

CVE-2008-1708

2008-04-0919:05:00

CWE-399

mitre

web.nvd.nist.gov

ibm

soliddb

cve-2008-1708

denial of service

memory allocation

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.

Affected configurations

Nvd

Node

ibmsoliddbRange≤06.00.1018

VendorProductVersionCPE
ibmsoliddb*cpe:2.3:a:ibm:soliddb:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	soliddb	*	cpe:2.3:a:ibm:soliddb::::::::

References

aluigi.altervista.org/adv/soliduro-adv.txt

aluigi.org/poc/soliduro.zip

secunia.com/advisories/29512

securitytracker.com/id?1019721

www.securityfocus.com/archive/1/490129/100/0/threaded

www.securityfocus.com/bid/28468

www.vupen.com/english/advisories/2008/1038

exchange.xforce.ibmcloud.com/vulnerabilities/41488

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

Related for CVE-2008-1708