CVE-2008-5133
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
18/11/2008
Last modified:
08/08/2017
Description
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
Impact
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:sun:opensolaris:*:*:sparc:*:*:*:*:* | snv_95 (including) | |
cpe:2.3:o:sun:opensolaris:*:*:x86:*:*:*:*:* | snv_95 (including) | |
cpe:2.3:o:sun:opensolaris:snv_01:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_01:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_02:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_02:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_03:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_03:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_04:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_04:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_05:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_05:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_06:*:sparc:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_06:*:x86:*:*:*:*:* | ||
cpe:2.3:o:sun:opensolaris:snv_07:*:sparc:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page