Executive Summary

Informations
Name CVE-2008-0964 First vendor Publication 2008-08-08
Vendor Cve Last vendor Modification 2018-10-30

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0964

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5318
 
Oval ID: oval:org.mitre.oval:def:5318
Title: Security Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic
Description: Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0964
Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 450
Os 6
Os 3

OpenVAS Exploits

Date Description
2009-06-03 Name : Solaris Update for snoop 114262-05
File : nvt/gb_solaris_114262_05.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
47421 Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Overflows

Information Assurance Vulnerability Management (IAVM)

Date Description
2008-08-28 IAVM : 2008-T-0043 - Multiple Sun Solaris snoop Vulnerabilities
Severity : Category II - VMSKEY : V0017141

Nessus® Vulnerability Scanner

Date Description
2008-08-17 Name : The remote host is missing Sun Security Patch number 108964-11
File : solaris8_108964.nasl - Type : ACT_GATHER_INFO
2008-08-17 Name : The remote host is missing Sun Security Patch number 108965-11
File : solaris8_x86_108965.nasl - Type : ACT_GATHER_INFO
2008-08-17 Name : The remote host is missing Sun Security Patch number 112915-06
File : solaris9_112915.nasl - Type : ACT_GATHER_INFO
2008-08-17 Name : The remote host is missing Sun Security Patch number 114262-05
File : solaris9_x86_114262.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/30556
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935
EXPLOIT-DB https://www.exploit-db.com/exploits/6328
IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK http://www.securitytracker.com/id?1020633
SECUNIA http://secunia.com/advisories/31386
http://secunia.com/advisories/31535
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1
VUPEN http://www.vupen.com/english/advisories/2008/2311
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/44222

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2020-05-23 01:39:09
  • Multiple Updates
2020-05-23 00:21:19
  • Multiple Updates
2018-10-31 00:19:51
  • Multiple Updates
2017-09-29 09:23:25
  • Multiple Updates
2017-08-08 09:23:52
  • Multiple Updates
2016-06-28 17:11:50
  • Multiple Updates
2016-04-27 09:29:02
  • Multiple Updates
2016-04-26 17:09:32
  • Multiple Updates
2014-02-17 10:43:52
  • Multiple Updates
2013-11-11 12:37:50
  • Multiple Updates
2013-05-11 00:10:11
  • Multiple Updates