mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
266 lines
9.2 KiB
JSON
266 lines
9.2 KiB
JSON
{
|
|
"id": "CVE-2008-2363",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2008-06-02T21:30:00.000",
|
|
"lastModified": "2017-08-08T01:30:59.043",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La clase PartsBatch en Pan versi\u00f3n 0.132 y anteriores, no gestiona apropiadamente las estructuras de datos para lotes de Parts, lo que permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario por medio de un archivo .nzb dise\u00f1ado que activa un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
|
|
}
|
|
],
|
|
"vendorComments": [
|
|
{
|
|
"organization": "Red Hat",
|
|
"comment": "Not vulnerable. This issue did not affect the versions of pan as shipped with Red Hat Enterprise Linux 2.1. No other versions of Red Hat Enterprise Linux have shipped Pan.",
|
|
"lastModified": "2008-06-03T00:00:00"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.132",
|
|
"matchCriteriaId": "8C0BCC82-DE99-4C9D-A165-9FBD7DE3148D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.105:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4C2DEFDB-0430-4A24-9410-5AA5A8D6E6F1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.106:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D56435AD-8216-401A-8F2F-86DA27BFE7DD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.107:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D96A12C-3BAB-47CB-88FB-F15AC0F078BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.108:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C0A4FC9-28B9-4562-8FD3-7399A75BC38B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.109:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F8177221-6E52-4B0B-A521-DCD522120CA8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.110:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D658A45-3886-429C-B8BC-F36DD5247D83"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.111:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FBD5C3F5-D748-47A3-8471-18491EAB0852"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.112:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1F1444F-8290-4589-B37A-411D024740C8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.113:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C48373A9-FFF9-46C0-9A0F-E180DAFEE7E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.114:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BDDF3558-EE2F-4710-B8A0-E38C686474BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.115:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06B19920-0911-4078-A646-517AA8F4C933"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.116:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6FA1ED5-1252-4711-8244-2D1E6800147C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.117:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "062159F1-4094-4355-8EAB-9BECD1F469AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.118:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "951B12B7-7313-4200-AB5D-F70065502722"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.119:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4DD8557F-4FAD-4EEC-9EC3-041BBE437E2D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.120:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97B76EC9-B238-42E4-90CE-F35F039B782F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.121:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08FC4F0B-B92E-4C9E-8DA9-4B5782C2359B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.122:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B8901478-3413-43E7-A21E-28F920E12B2E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.123:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8D185E00-F55D-4101-9952-D35D49B15ECB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.124:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D878570C-D363-4E37-8581-A76DC5DBB370"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.125:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "515419E8-50F6-454D-8224-9EE4CEA40ED9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.126:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DA214133-C80D-47AA-B8AC-F79FB2BE6779"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.127:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "43BEFDEE-C200-48BF-94D2-B74070178546"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.128:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "868189F7-3A9C-4318-84E4-6F455AB99E6A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.129:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "709FCD8C-F8CC-4604-8ED2-DCBDC7CE59E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.130:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B982CC3C-90D7-4F62-A6D3-990F3C33D7AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:pan:pan:0.131:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D58629D2-E6B3-462E-8C0C-C8307EE85835"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://bugs.gentoo.org/show_bug.cgi?id=224051",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://bugzilla.gnome.org/show_bug.cgi?id=535413",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://marc.info/?l=oss-security&m=121207185600564&w=2",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-200807-15.xml",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:201",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/29421",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=446902",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42750",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |