FreeBSD Security Advisory (FreeBSD-SA-08:02.libc.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-08:02.libc.asc

Insight

The resolver is the part of libc that resolves hostnames (example.com) to internet protocol (IP) addresses (192.0.2.1) and vice versa. The inet_network() function returns an in_addr_t representing the network address of the IP address given to inet_network() as a character string in the dot-notation. An off-by-one error in the inet_network() function could lead to memory corruption with certain inputs.

Severity

Classification

CVE CVE-2008-0122
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreeBSD Ports: cacti
FreeBSD Ports: chromium
FreeBSD Ports: c-ares
FreeBSD Ports: awstats
FreeBSD Ports: chromium

Take action and discover your vulnerabilities