Mar 04, 2008 - 11:44 p.m.

CVE-2008-1148

2008-03-04 23:44:00
web.nvd.nist.gov
pseudo-random number generator
prng
algorithm a0
openbsd
netbsd
cve-2008-1148
dns cache poisoning
tcp packets
os fingerprinting

CVSS2: 6.8 Medium
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score: 6.9 Medium (Confidence: Low)

EPSS: 0.02 Low (Percentile: 88.9%)

A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka “Algorithm A0”), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.

Affected configurations

NVD
Node (vendor product: matched versions)

apple mac_os_x: 10.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, 10.1, 10.1.1, 10.1.2, 10.1.3, 10.1.4, 10.1.5, 10.2, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.2.8, 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11, 10.5, 10.5.1
OR
apple mac_os_x_server: 10.0, 10.1, 10.1.1, 10.1.2, 10.1.3, 10.1.4, 10.1.5, 10.2, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.2.8, 10.3, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, 10.3.6, 10.3.7, 10.3.8, 10.3.9, 10.4, 10.4.1, 10.4.2, 10.4.3, 10.4.4, 10.4.5, 10.4.6, 10.4.7, 10.4.8, 10.4.9, 10.4.10, 10.4.11, 10.5
OR
dragonflybsd dragonflybsd: 1.0, 1.1, 1.2, 1.10.1
OR
freebsd freebsd: 4.4, 4.4release_p42, 4.4releng, 4.4stable, 4.5, 4.5release, 4.5release_p32, 4.5releng, 4.5stable, 4.6, 4.6release, 4.6release_p20, 4.6releng, 4.6stable, 4.6.2, 4.7, 4.7release, 4.7release_p17, 4.7releng, 4.7stable, 4.8, 4.8release_p7, 4.8releng, 4.8_prerelease, 4.9, 4.9releng, 4.9_prerelease, 4.10, 4.10release, 4.10release_p8, 4.10releng, 4.10_prerelease, 4.11release_p3, 4.11releng, 4.11stable, 4.11_p20_release, 4.11_release, 5.0, 5.0alpha, 5.0release_p14, 5.0releng, 5.1, 5.1alpha, 5.1release, 5.1release_p5, 5.1releng, 5.2, 5.2.1release, 5.2.1releng, 5.3, 5.3release, 5.3releng, 5.3stable, 5.4release, 5.4releng, 5.4stable, 5.5_release, 5.5_stable, 6.0, 6.0release, 6.0stable, 6.0_p5_release, 6.1, 6.1release, 6.1release_p10, 6.1stable, 6.2, 6.2stable, 6.2_releng, 6.3, 6.3_releng, 7.0pre-release, 7.0_beta4, 7.0_releng
OR
netbsd netbsd: 1.6.2, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1, 2.1.1, 3.0.1, 3.0.2, 3.1, 3.1rc1, 3.1rc3, 4.0, 4.0beta, 4.0beta2
OR
openbsd openbsd: 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2

AND

cosmicperl directory_pro: 10.0.3
OR
darwin darwin: 1.0, 9.1
OR
navision financials_server: 3.0
