Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-1057

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-28 Feb, 2008 | 19:00
Updated At-07 Aug, 2024 | 08:08
Rejected At-
Credits

The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:28 Feb, 2008 | 19:00
Updated At:07 Aug, 2024 | 08:08
Rejected At:
▼CVE Numbering Authority (CNA)

The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/27965
vdb-entry
x_refsource_BID
http://secunia.com/advisories/29078
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0660
vdb-entry
x_refsource_VUPEN
http://www.securitytracker.com/id?1019496
vdb-entry
x_refsource_SECTRACK
http://www.openbsd.org/errata42.html#008_ip6rthdr
vendor-advisory
x_refsource_OPENBSD
Hyperlink: http://www.securityfocus.com/bid/27965
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/29078
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2008/0660
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securitytracker.com/id?1019496
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.openbsd.org/errata42.html#008_ip6rthdr
Resource:
vendor-advisory
x_refsource_OPENBSD
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/27965
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/29078
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2008/0660
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securitytracker.com/id?1019496
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.openbsd.org/errata42.html#008_ip6rthdr
vendor-advisory
x_refsource_OPENBSD
x_transferred
Hyperlink: http://www.securityfocus.com/bid/27965
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/29078
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/0660
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securitytracker.com/id?1019496
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.openbsd.org/errata42.html#008_ip6rthdr
Resource:
vendor-advisory
x_refsource_OPENBSD
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:28 Feb, 2008 | 19:44
Updated At:30 Oct, 2018 | 16:25

The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
OpenBSD
openbsd
>>openbsd>>4.2
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/29078cve@mitre.org
Patch
Vendor Advisory
http://www.openbsd.org/errata42.html#008_ip6rthdrcve@mitre.org
Patch
http://www.securityfocus.com/bid/27965cve@mitre.org
Patch
http://www.securitytracker.com/id?1019496cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/0660cve@mitre.org
N/A
Hyperlink: http://secunia.com/advisories/29078
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.openbsd.org/errata42.html#008_ip6rthdr
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/27965
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1019496
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0660
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2017-5850
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-49.59% / 97.72%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2011-3336
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-23.65% / 95.77%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 19:32
Updated-06 Aug, 2024 | 23:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.

Action-Not Available
Vendor-The PHP GroupApple Inc.FreeBSD FoundationOpenBSD
Product-openbsdfreebsdphpmac_os_xmacOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2006-4924
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-46.44% / 97.57%
||
7 Day CHG~0.00%
Published-27 Sep, 2006 | 01:00
Updated-07 Aug, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-399
Not Available
CVE-2008-1058
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.45%
||
7 Day CHG~0.00%
Published-28 Feb, 2008 | 19:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CVE-2009-0687
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-12.33% / 93.62%
||
7 Day CHG~0.00%
Published-11 Aug, 2009 | 10:00
Updated-07 Aug, 2024 | 04:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.

Action-Not Available
Vendor-mirbsdmidnightbsdn/aOpenBSDNetBSD
Product-openbsdnetbsdmidnightbsdmirosn/a
CWE ID-CWE-399
Not Available
CVE-2016-8858
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-64.72% / 98.39%
||
7 Day CHG~0.00%
Published-09 Dec, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2016-6515
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-82.90% / 99.20%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.

Action-Not Available
Vendor-n/aOpenBSDFedora Project
Product-fedoraopensshn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6244
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.05% / 76.66%
||
7 Day CHG~0.00%
Published-07 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-2242
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-32.57% / 96.70%
||
7 Day CHG~0.00%
Published-25 Apr, 2007 | 16:00
Updated-07 Aug, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.

Action-Not Available
Vendor-n/aNetBSDThe IETF Administration LLC (IETF LLC)OpenBSDFreeBSD Foundation
Product-openbsdipv6freebsdnetbsdn/a
Details not found