Vulnerability Description
IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Soliddb | <= 06.00.1018 |
Related Weaknesses (CWE)
References
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zipExploit
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41488
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zipExploit
- http://secunia.com/advisories/29512
- http://securitytracker.com/id?1019721
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
FAQ
What is CVE-2008-1708?
CVE-2008-1708 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a pack...
How severe is CVE-2008-1708?
CVE-2008-1708 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1708?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Soliddb.