CVE-2008-0965
iDEFENSE Security Advisory 2008-08-04.2
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
Múltiples vulnerabilidades de cadena de formato en snoop sobre Sun Solaris versión 8 hasta 10 y OpenSolaris anterior a la versión snv_96, cuando se omite la opción -o, permiten a los atacantes remotos ejecutar código arbitrario por medio de especificadores de cadena de formato en un paquete SMB.
Remote exploitation of multiple format string vulnerabilities in Sun Microsystems Inc.'s snoop could allow an attacker to execute arbitrary code with the privileges of the nobody user. Multiple format string vulnerabilities exist within the code that parses and displays SMB traffic. All of the vulnerabilities are present due to unsanitized user input being passed to printf-style formatting function. This allows an attacker to overwrite arbitrary addresses with arbitrary data, which can result in the execution of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in snoop for Solaris 10 8/07. Other versions may also be affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-25 CVE Reserved
- 2008-08-08 CVE Published
- 2024-08-07 CVE Updated
- 2025-06-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=735 | Third Party Advisory | |
| http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm | X_refsource_confirm | |
| http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935 | X_refsource_confirm | |
| http://www.securityfocus.com/bid/30556 | Vdb Entry | |
| http://www.securitytracker.com/id?1020633 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44222 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44415 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5742 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/31386 | 2018-10-30 | |
| http://secunia.com/advisories/31535 | 2018-10-30 | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1 | 2018-10-30 | |
| http://www.vupen.com/english/advisories/2008/2311 | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | * | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | * | sparc |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | * | x86 |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | <= build_snv_95 Search vendor "Sun" for product "Opensolaris" and version " <= build_snv_95" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_01 Search vendor "Sun" for product "Opensolaris" and version "build_snv_01" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_02 Search vendor "Sun" for product "Opensolaris" and version "build_snv_02" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_13 Search vendor "Sun" for product "Opensolaris" and version "build_snv_13" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_19 Search vendor "Sun" for product "Opensolaris" and version "build_snv_19" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_22 Search vendor "Sun" for product "Opensolaris" and version "build_snv_22" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_64 Search vendor "Sun" for product "Opensolaris" and version "build_snv_64" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_88 Search vendor "Sun" for product "Opensolaris" and version "build_snv_88" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_89 Search vendor "Sun" for product "Opensolaris" and version "build_snv_89" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_91 Search vendor "Sun" for product "Opensolaris" and version "build_snv_91" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Opensolaris Search vendor "Sun" for product "Opensolaris" | build_snv_92 Search vendor "Sun" for product "Opensolaris" and version "build_snv_92" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 8 Search vendor "Sun" for product "Solaris" and version "8" | sparc |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 8 Search vendor "Sun" for product "Solaris" and version "8" | x86 |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 9 Search vendor "Sun" for product "Solaris" and version "9" | sparc |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 9 Search vendor "Sun" for product "Solaris" and version "9" | x86 |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 10 Search vendor "Sun" for product "Solaris" and version "10" | sparc |
Affected
| ||||||
| Sun Search vendor "Sun" | Solaris Search vendor "Sun" for product "Solaris" | 10 Search vendor "Sun" for product "Solaris" and version "10" | x86 |
Affected
| ||||||
| Sun Search vendor "Sun" | Sunos Search vendor "Sun" for product "Sunos" | 5.8 Search vendor "Sun" for product "Sunos" and version "5.8" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Sunos Search vendor "Sun" for product "Sunos" | 5.9 Search vendor "Sun" for product "Sunos" and version "5.9" | - |
Affected
| ||||||
| Sun Search vendor "Sun" | Sunos Search vendor "Sun" for product "Sunos" | 5.10 Search vendor "Sun" for product "Sunos" and version "5.10" | - |
Affected
| ||||||