admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-24xx/CVE-2008-2476.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

216 lines
7.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-2476",
"sourceIdentifier": "cret@cert.org",
"published": "2008-10-03T15:07:10.727",
"lastModified": "2017-09-29T01:31:11.053",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
},
{
"lang": "es",
"value": "La implementaci\u00f3n IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de conectividad) o leer tr\u00e1fico de red privado a trav\u00e9s de mensajes falsos que modifica la Forward Information Base (FIB)."
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.",
"lastModified": "2017-09-28T21:31:11.053"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4941A848-A02E-4234-82A3-076AABC94476"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD3413A-DD12-4C60-88F4-E2D6C1264319"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.4",
"matchCriteriaId": "DFCBBA4F-BD05-4044-98A0-2825A413D299"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*",
"matchCriteriaId": "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A"
}
]
}
]
}
],
"references": [
{
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc",
"source": "cret@cert.org"
},
{
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc",
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1020968",
"source": "cret@cert.org"
},
{
"url": "http://support.apple.com/kb/HT3467",
"source": "cret@cert.org"
},
{
"url": "http://www.kb.cert.org/vuls/id/472363",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.openbsd.org/errata42.html#015_ndp",
"source": "cret@cert.org"
},
{
"url": "http://www.openbsd.org/errata43.html#006_ndp",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/bid/31529",
"source": "cret@cert.org"
},
{
"url": "http://www.securitytracker.com/id?1021109",
"source": "cret@cert.org"
},
{
"url": "http://www.securitytracker.com/id?1021132",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2750",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2751",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/2752",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0633",
"source": "cret@cert.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601",
"source": "cret@cert.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670",
"source": "cret@cert.org"
},
{
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view",
"source": "cret@cert.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink