Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-0172
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-17 Jan, 2008 | 23:00
Updated At-15 Oct, 2018 | 21:58

The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Ubuntu
ubuntu
>>ubuntu_linux>>6.06_lts
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:*:*:*:*:*:*
Ubuntu
ubuntu
>>ubuntu_linux>>6.10
cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:*:*:*:*:*:*
Ubuntu
ubuntu
>>ubuntu_linux>>7.04
cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:*:*:*:*:*:*
Ubuntu
ubuntu
>>ubuntu_linux>>7.10
cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*
boost
boost
>>boost>>1.33
cpe:2.3:a:boost:boost:1.33:*:*:*:*:*:*:*
boost
boost
>>boost>>1.34
cpe:2.3:a:boost:boost:1.34:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2008-05-12T00:00:00

This issue did not affect the version of boost as shipped with Red Hat Enterprise Linux 4. For Red Hat Enterprise Linux 5, Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-0172 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.

References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=205955cve@mitre.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlcve@mitre.org
N/A
http://secunia.com/advisories/28511cve@mitre.org
N/A
http://secunia.com/advisories/28527cve@mitre.org
N/A
http://secunia.com/advisories/28545cve@mitre.org
N/A
http://secunia.com/advisories/28705cve@mitre.org
N/A
http://secunia.com/advisories/28860cve@mitre.org
N/A
http://secunia.com/advisories/28943cve@mitre.org
N/A
http://secunia.com/advisories/29323cve@mitre.org
N/A
http://secunia.com/advisories/48099cve@mitre.org
N/A
http://svn.boost.org/trac/boost/changeset/42674cve@mitre.org
N/A
http://svn.boost.org/trac/boost/changeset/42745cve@mitre.org
N/A
http://wiki.rpath.com/Advisories:rPSA-2008-0063cve@mitre.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200802-08.xmlcve@mitre.org
N/A
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/488102/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/27325cve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-570-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/0249cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-2143cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.htmlcve@mitre.org
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=205955
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28511
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28527
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28545
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28705
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28860
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28943
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29323
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/48099
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://svn.boost.org/trac/boost/changeset/42674
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://svn.boost.org/trac/boost/changeset/42745
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wiki.rpath.com/Advisories:rPSA-2008-0063
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/488102/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/27325
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-570-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/0249
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-2143
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html
Source: cve@mitre.org
Resource: N/A
Change History
0Changes found
Details not found