Lucene search

[email protected]CVE-2008-3584

HistorySep 11, 2008 - 9:06 p.m.

CVE-2008-3584

2008-09-1121:06:44

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-3584

netbsd

pppoe

denial of service

system crash

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.6%

JSON

NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet.

Affected configurations

NVD

Node

netbsdnetbsdMatch3.0

netbsdnetbsdMatch3.1

netbsdnetbsdMatch4.0

CPENameOperatorVersion
netbsd:netbsdnetbsdeq3.0
netbsd:netbsdnetbsdeq3.1
netbsd:netbsdnetbsdeq4.0

CPE	Name	Operator	Version
netbsd:netbsd	netbsd	eq	3.0
netbsd:netbsd	netbsd	eq	3.1
netbsd:netbsd	netbsd	eq	4.0

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc

secunia.com/advisories/31597

support.apple.com/kb/HT3467

www.securityfocus.com/bid/30838

www.securitytracker.com/id?1020749

www.vupen.com/english/advisories/2009/0633

exchange.xforce.ibmcloud.com/vulnerabilities/44679

Social References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2008-3584

nvd1 prion1 cvelist1