CVE-2008-5133 — Vulnetix

Try Vulnetix Request Demo

CVE-2008-5133 PUBLISHED CVSS 5.800000190734863 MEDIUM

ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.

EPSS 0.31% · 54.3th percentile

Risk Scores

CVSS v2.0

5.800000190734863

EPSS Score

0.31%

54.3th percentile

Affected Products

Vendor	Product	Versions
sun	solaris	10, 10
n/a	n/a	n/a
sun	opensolaris	snv_01, snv_01, snv_02

Timeline

Jul 8, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://secunia.com/advisories/32625 advisory
ADV-2008-3129 vdb
solaris-ipfilter-dnsresponse-spoofing(46721) vdb
245206 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2008-5133 advisory

Open in Interactive Console →