Vulnerability Details CVE-2008-1708
IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zip
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41488
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zip
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41488
Products affected by CVE-2008-1708
-
cpe:2.3:a:ibm:soliddb:4.5.167
-
cpe:2.3:a:ibm:soliddb:4.5.168
-
cpe:2.3:a:ibm:soliddb:4.5.169
-
cpe:2.3:a:ibm:soliddb:4.5.173
-
cpe:2.3:a:ibm:soliddb:4.5.175
-
cpe:2.3:a:ibm:soliddb:4.5.176
-
cpe:2.3:a:ibm:soliddb:4.5.178
-
cpe:2.3:a:ibm:soliddb:6.0