Vulnerability Details : CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

Vulnerability category: OverflowExecute code

Published 2008-08-08 18:41:00

Updated 2018-10-30 16:25:15

Source MITRE

View at NVD, CVE.org

Threat overview for CVE-2008-0964

Top countries where our scanners detected CVE-2008-0964

Top open port discovered on systems with this issue 554

IPs affected by CVE-2008-0964 2

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2008-0964!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2008-0964

Probability of exploitation activity in the next 30 days: 36.68%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-0964

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-0964

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-0964

Products affected by CVE-2008-0964

SUN » Sunos » Version: 5.8
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Matching versions
SUN » Sunos » Version: 5.10
cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
Matching versions
SUN » Sunos » Version: 5.9
cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 10 X86 Edition
cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 10 Sparc Edition
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9 Sparc Edition
cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9 X86 Edition
cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 8 X86 Edition
cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 8 Sparc Edition
cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*
Matching versions
SUN » Opensolaris » X86 Edition
cpe:2.3:o:sun:opensolaris:*:*:x86:*:*:*:*:*
Matching versions
SUN » Opensolaris
cpe:2.3:o:sun:opensolaris:*:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris
Versions up to, including, (<=) build_snv_95
cpe:2.3:o:sun:opensolaris:*:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Sparc Edition
cpe:2.3:o:sun:opensolaris:*:*:sparc:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 89
cpe:2.3:o:sun:opensolaris:build_snv_89:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 91
cpe:2.3:o:sun:opensolaris:build_snv_91:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 13
cpe:2.3:o:sun:opensolaris:build_snv_13:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 19
cpe:2.3:o:sun:opensolaris:build_snv_19:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 01
cpe:2.3:o:sun:opensolaris:build_snv_01:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 02
cpe:2.3:o:sun:opensolaris:build_snv_02:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 92
cpe:2.3:o:sun:opensolaris:build_snv_92:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 22
cpe:2.3:o:sun:opensolaris:build_snv_22:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 64
cpe:2.3:o:sun:opensolaris:build_snv_64:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 88
cpe:2.3:o:sun:opensolaris:build_snv_88:*:*:*:*:*:*:*
Matching versions