ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Partial
AV:N/AC:M/Au:N/C:N/I:P/A:P
Vendors | Products |
---|---|
Sun |
|
Configuration 1 [-]
|
References
Link | Resource |
---|---|
http://secunia.com/advisories/32625 | Vendor Advisory |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1 | Patch Vendor Advisory |
http://www.vupen.com/english/advisories/2008/3129 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/46721 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-18T15:00:00
Updated: 2017-08-07T12:57:01
Reserved: 2008-11-18T00:00:00
Link: CVE-2008-5133
JSON object: View
NVD Information
Status : Modified
Published: 2008-11-18T16:00:00.327
Modified: 2017-08-08T01:33:08.000
Link: CVE-2008-5133
JSON object: View
Redhat Information
No data.
CWE