Vulnerability Details : CVE-2008-0965

Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.

Vulnerability category: OverflowExecute code

Published 2008-08-08 18:41:00

Updated 2018-10-30 16:25:15

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-0965

Probability of exploitation activity in the next 30 days: 10.31%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-0965

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-0965

CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Assigned by: [email protected] (Primary)

References for CVE-2008-0965

Products affected by CVE-2008-0965

SUN » Sunos » Version: 5.8
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Matching versions
SUN » Sunos » Version: 5.10
cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
Matching versions
SUN » Sunos » Version: 5.9
cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 10 X86 Edition
cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 10 Sparc Edition
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9 Sparc Edition
cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9 X86 Edition
cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 8 X86 Edition
cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 8 Sparc Edition
cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*
Matching versions
SUN » Opensolaris » X86 Edition
cpe:2.3:o:sun:opensolaris:*:*:x86:*:*:*:*:*
Matching versions
SUN » Opensolaris
cpe:2.3:o:sun:opensolaris:*:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris
Versions up to, including, (<=) build_snv_95
cpe:2.3:o:sun:opensolaris:*:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Sparc Edition
cpe:2.3:o:sun:opensolaris:*:*:sparc:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 89
cpe:2.3:o:sun:opensolaris:build_snv_89:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 91
cpe:2.3:o:sun:opensolaris:build_snv_91:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 13
cpe:2.3:o:sun:opensolaris:build_snv_13:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 19
cpe:2.3:o:sun:opensolaris:build_snv_19:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 01
cpe:2.3:o:sun:opensolaris:build_snv_01:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 02
cpe:2.3:o:sun:opensolaris:build_snv_02:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 92
cpe:2.3:o:sun:opensolaris:build_snv_92:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 22
cpe:2.3:o:sun:opensolaris:build_snv_22:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 64
cpe:2.3:o:sun:opensolaris:build_snv_64:*:*:*:*:*:*:*
Matching versions
SUN » Opensolaris » Version: Build Snv 88
cpe:2.3:o:sun:opensolaris:build_snv_88:*:*:*:*:*:*:*
Matching versions