Montavista
Got a hot project?  Login
  • NETWORK INFRASTRUCTURE
  • OFFICE AUTOMATION
  • MEDICAL
  • ENGINEERING SERVICES
  • COMPANY

CVE Vulnerabilities
  • CVE-2012
  • CVE-2011
  • CVE-2010
  • CVE-2009
  • CVE-2008
  • CVE-2007
  • CVE-2006
  • CVE-2005
  • CVE-2004
  • CVE-2003
CVE-2008-1673

Severity : High
Published : 2008-06-09
Modified : 2012-03-19
Base Score : 10.0
Details : The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
Professional PRO 5.0  
Professional PRO 5.0  
CGE 5.x  
Mobilinux 5.x  
 
 
 


CVE Vulnerabilities List CVE-2008
CVE-2008-7256CVE-2008-7068CVE-2008-5713CVE-2008-5300
CVE-2008-5286CVE-2008-5161CVE-2008-5079CVE-2008-5029
CVE-2008-4989CVE-2008-4864CVE-2008-4685CVE-2008-4554
CVE-2008-4316CVE-2008-4309CVE-2008-4307CVE-2008-4210
CVE-2008-4109CVE-2008-4101CVE-2008-3934CVE-2008-3933
CVE-2008-3932CVE-2008-3915CVE-2008-3527CVE-2008-3526
CVE-2008-3522CVE-2008-3521CVE-2008-3520CVE-2008-3294
CVE-2008-3276CVE-2008-3275CVE-2008-3272CVE-2008-3146
CVE-2008-3142CVE-2008-3141CVE-2008-3140CVE-2008-3139
CVE-2008-3138CVE-2008-3137CVE-2008-2952CVE-2008-2812
CVE-2008-2729CVE-2008-2364CVE-2008-2292CVE-2008-2108
CVE-2008-2107CVE-2008-2051CVE-2008-1927CVE-2008-1808
CVE-2008-1807CVE-2008-1806CVE-2008-1722CVE-2008-1678
CVE-2008-1673CVE-2008-1657CVE-2008-1483CVE-2008-1372
CVE-2008-1367CVE-2008-0598CVE-2008-0596CVE-2008-0122
CVE-2008-0007CVE-2008-0005


Locations | Careers | Privacy Policy     
© 2013 MontaVista Software, LLC. All Rights Reserved