CVE-2008-0122

Publication date 16 January 2008

Last updated 24 July 2024

Ubuntu priority

Negligible

Why this priority?

Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

Read the notes from the security team

Status

Package Ubuntu Release Status
bind9 11.04 natty
Fixed 1:9.4.2-8
10.10 maverick
Fixed 1:9.4.2-8
10.04 LTS lucid
Fixed 1:9.4.2-8
9.10 karmic
Fixed 1:9.4.2-8
9.04 jaunty
Fixed 1:9.4.2-8
8.10 intrepid
Fixed 1:9.4.2-8
8.04 LTS hardy
Fixed 1:9.4.2-8
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life

Notes

jdstrand

from RH bug: This problem allows an attacker to write 1 unsigned long int value (4 or 8 bytes, depending on the platform used) beyond the end of the buffer. This overwrite is too short to modify function return address, so this problem does not seem to be easily exploitable or verifiable using reproducer. nothing linked against libbind9 in any Ubuntu releases, except for bind9 packages, and upstream says that none of the applications shipped with BIND 9 call inet_network()