NVD Vulnerability Detail

CVE-2008-1673

Summary	The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
Summary	La implementación de asn1 en (a) el núcleo Linux 2.4 versiones anteriores a 2.4.36.6 y 2.6 versiones anteriores a 2.6.25.5, tal como lo utilizado en los módulos cifs y ip_nat_snmp_basic; y (b) el paquete gxsnmp; no valida apropiadamente la longitud de valores durante la decodificación de datos ASN.1 BER, lo cual permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección a través de (1) una longitud superior a la de trabajo del búfer, lo cual puede llevar a un desbordamiento no especificado; (2) una longitud oid a cero, lo cual puede llevar a un error off-by-one; o (3) una longitud indefinida de codificación primitiva.
Publication Date	June 10, 2008, 9:32 a.m.
Registration Date	Jan. 29, 2021, 1:34 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	10.0
Vector	AV:N/AC:L/Au:N/C:C/I:C/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:4.0:::::::*
cpe:2.3:o:debian:debian_linux:4.0::alpha:::::
cpe:2.3:o:debian:debian_linux:4.0::amd64:::::
cpe:2.3:o:debian:debian_linux:4.0::arm:::::
cpe:2.3:o:debian:debian_linux:4.0::hppa:::::
cpe:2.3:o:debian:debian_linux:4.0::ia-32:::::
cpe:2.3:o:debian:debian_linux:4.0::ia-64:::::
cpe:2.3:o:debian:debian_linux:4.0::m68k:::::
cpe:2.3:o:debian:debian_linux:4.0::mips:::::
cpe:2.3:o:debian:debian_linux:4.0::mipsel:::::
cpe:2.3:o:debian:debian_linux:4.0::powerpc:::::
cpe:2.3:o:debian:debian_linux:4.0::s-390:::::
cpe:2.3:o:debian:debian_linux:4.0::sparc:::::
cpe:2.3:o:linux:linux_kernel:2.4.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.0:test1::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test10::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test11::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test12::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test2::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test3::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test4::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test5::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test6::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test7::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test8::::::
cpe:2.3:o:linux:linux_kernel:2.4.0:test9::::::
cpe:2.3:o:linux:linux_kernel:2.4.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.15:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.16:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.17:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.18:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.18:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre2::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre3::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre4::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre5::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre6::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre7::::::
cpe:2.3:o:linux:linux_kernel:2.4.18:pre8::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.19:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:pre2::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:pre3::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:pre4::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:pre5::::::
cpe:2.3:o:linux:linux_kernel:2.4.19:pre6::::::
cpe:2.3:o:linux:linux_kernel:2.4.20:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.21:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.21:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.21:pre4::::::
cpe:2.3:o:linux:linux_kernel:2.4.21:pre7::::::
cpe:2.3:o:linux:linux_kernel:2.4.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.23:pre9::::::
cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.24:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.25:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.26:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.27:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.27:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.27:pre2::::::
cpe:2.3:o:linux:linux_kernel:2.4.27:pre3::::::
cpe:2.3:o:linux:linux_kernel:2.4.27:pre4::::::
cpe:2.3:o:linux:linux_kernel:2.4.27:pre5::::::
cpe:2.3:o:linux:linux_kernel:2.4.28:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.29:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.29:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.4.29:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.4.30:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.30:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.4.30:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.4.31:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.31:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.32:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.32:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.32:pre2::::::
cpe:2.3:o:linux:linux_kernel:2.4.33:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.33:pre1::::::
cpe:2.3:o:linux:linux_kernel:2.4.33.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.33.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.33.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.33.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.34:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.35:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.4.36.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.0:test1::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test2::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test3::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test4::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test5::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test6::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test7::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test8::::::
cpe:2.3:o:linux:linux_kernel:2.6.0:test9::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.1:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.1:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.10:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.11:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.11:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.11.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.11.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.12.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.12.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.13:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.13:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.13:rc6::::::
cpe:2.3:o:linux:linux_kernel:2.6.13:rc7::::::
cpe:2.3:o:linux:linux_kernel:2.6.13.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.13.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.13.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.13.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.14:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.14:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.14:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.14.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.14.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.15:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.15:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.15.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.15.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.16.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.16.27:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.17.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.17.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.18.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.19:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.19:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.19:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.19:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.19:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.19.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.19.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.20.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.20.15:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.21:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.21:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.21:rc4::::::
cpe:2.3:o:linux:linux_kernel:2.6.21:rc5::::::
cpe:2.3:o:linux:linux_kernel:2.6.21:rc6::::::
cpe:2.3:o:linux:linux_kernel:2.6.21.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.21.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.21.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.21.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.11:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.12:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.13:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.15:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.16:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22.17:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22_rc1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.22_rc7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23:rc1::::::
cpe:2.3:o:linux:linux_kernel:2.6.23:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.23.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.23.14:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.24:rc2::::::
cpe:2.3:o:linux:linux_kernel:2.6.24:rc3::::::
cpe:2.3:o:linux:linux_kernel:2.6.24.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.24.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.24.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.24_rc1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.25:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.25.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.25.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.25.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.25.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:::::::*

Related information, measures and tools

No	URL	refsource
1	http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c	secalert@redhat.com
2	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ddb2c43594f22843e9f3153da151deaba1a834c5	secalert@redhat.com
3	http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6	secalert@redhat.com
4	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5	secalert@redhat.com
5	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html	secalert@redhat.com
6	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html	secalert@redhat.com
7	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html	secalert@redhat.com
8	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html	secalert@redhat.com
9	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html	secalert@redhat.com
10	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html	secalert@redhat.com
11	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html	secalert@redhat.com
12	http://secunia.com/advisories/30000	secalert@redhat.com
13	http://secunia.com/advisories/30580	secalert@redhat.com
14	http://secunia.com/advisories/30644	secalert@redhat.com
15	http://secunia.com/advisories/30658	secalert@redhat.com
16	http://secunia.com/advisories/30982	secalert@redhat.com
17	http://secunia.com/advisories/31107	secalert@redhat.com
18	http://secunia.com/advisories/31836	secalert@redhat.com
19	http://secunia.com/advisories/32103	secalert@redhat.com
20	http://secunia.com/advisories/32104	secalert@redhat.com
21	http://secunia.com/advisories/32370	secalert@redhat.com
22	http://secunia.com/advisories/32759	secalert@redhat.com
23	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0189	secalert@redhat.com
24	http://www.debian.org/security/2008/dsa-1592	secalert@redhat.com
25	http://www.mandriva.com/security/advisories?name=MDVSA-2008:113	secalert@redhat.com
26	http://www.mandriva.com/security/advisories?name=MDVSA-2008:174	secalert@redhat.com
27	http://www.securityfocus.com/archive/1/493300/100/0/threaded	secalert@redhat.com
28	http://www.securityfocus.com/bid/29589	secalert@redhat.com
29	http://www.securitytracker.com/id?1020210	secalert@redhat.com
30	http://www.ubuntu.com/usn/usn-625-1	secalert@redhat.com
31	http://www.vupen.com/english/advisories/2008/1770	secalert@redhat.com
32	https://bugzilla.redhat.com/show_bug.cgi?id=443962	secalert@redhat.com
33	https://exchange.xforce.ibmcloud.com/vulnerabilities/42921	secalert@redhat.com
34	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00587.html	secalert@redhat.com
35	http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c	af854a3a-2127-422b-91ae-364da2661108
36	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ddb2c43594f22843e9f3153da151deaba1a834c5	af854a3a-2127-422b-91ae-364da2661108
37	http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6	af854a3a-2127-422b-91ae-364da2661108
38	http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5	af854a3a-2127-422b-91ae-364da2661108
39	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html	af854a3a-2127-422b-91ae-364da2661108
40	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html	af854a3a-2127-422b-91ae-364da2661108
41	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html	af854a3a-2127-422b-91ae-364da2661108
42	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
43	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html	af854a3a-2127-422b-91ae-364da2661108
44	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html	af854a3a-2127-422b-91ae-364da2661108
45	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
46	http://secunia.com/advisories/30000	af854a3a-2127-422b-91ae-364da2661108
47	http://secunia.com/advisories/30580	af854a3a-2127-422b-91ae-364da2661108
48	http://secunia.com/advisories/30644	af854a3a-2127-422b-91ae-364da2661108
49	http://secunia.com/advisories/30658	af854a3a-2127-422b-91ae-364da2661108
50	http://secunia.com/advisories/30982	af854a3a-2127-422b-91ae-364da2661108
51	http://secunia.com/advisories/31107	af854a3a-2127-422b-91ae-364da2661108
52	http://secunia.com/advisories/31836	af854a3a-2127-422b-91ae-364da2661108
53	http://secunia.com/advisories/32103	af854a3a-2127-422b-91ae-364da2661108
54	http://secunia.com/advisories/32104	af854a3a-2127-422b-91ae-364da2661108
55	http://secunia.com/advisories/32370	af854a3a-2127-422b-91ae-364da2661108
56	http://secunia.com/advisories/32759	af854a3a-2127-422b-91ae-364da2661108
57	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0189	af854a3a-2127-422b-91ae-364da2661108
58	http://www.debian.org/security/2008/dsa-1592	af854a3a-2127-422b-91ae-364da2661108
59	http://www.mandriva.com/security/advisories?name=MDVSA-2008:113	af854a3a-2127-422b-91ae-364da2661108
60	http://www.mandriva.com/security/advisories?name=MDVSA-2008:174	af854a3a-2127-422b-91ae-364da2661108
61	http://www.securityfocus.com/archive/1/493300/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
62	http://www.securityfocus.com/bid/29589	af854a3a-2127-422b-91ae-364da2661108
63	http://www.securitytracker.com/id?1020210	af854a3a-2127-422b-91ae-364da2661108
64	http://www.ubuntu.com/usn/usn-625-1	af854a3a-2127-422b-91ae-364da2661108
65	http://www.vupen.com/english/advisories/2008/1770	af854a3a-2127-422b-91ae-364da2661108
66	https://bugzilla.redhat.com/show_bug.cgi?id=443962	af854a3a-2127-422b-91ae-364da2661108
67	https://exchange.xforce.ibmcloud.com/vulnerabilities/42921	af854a3a-2127-422b-91ae-364da2661108
68	https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00587.html	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

Linux kernel および gxsnmp パッケージの asn1 の実装における任意のコードを実行される脆弱性

Title	Linux kernel および gxsnmp パッケージの asn1 の実装における任意のコードを実行される脆弱性
Summary	cifs および ip_nat_snmp_basic モジュールで使用される Linux kernel および gxsnmp パッケージの asn1 の実装には、ASN.1 の BER でエンコードされたデータのデコード時に長さの値を適切に検証しないため、サービス運用妨害 (DoS) 状態となる、または任意のコードを実行される脆弱性が存在します。
Possible impacts	第三者にサービス運用妨害 (DoS) 状態にされる、または任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 10, 2008, midnight
Registration Date	Feb. 1, 2010, 11:51 a.m.
Last Update	Feb. 1, 2010, 11:51 a.m.

Affected System

サイバートラスト株式会社

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

Linux

Linux Kernel 2.4.36.6 未満

Linux Kernel 2.6.25.5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2008-1673	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673
National Vulnerability Database (NVD)
2	CVE-2008-1673	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1673

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Linux Kernel
1	ChangeLog-2.4.36.6	http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6
2	ChangeLog-2.4.37	http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37
3	ChangeLog-2.6.25.5	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
MIRACLE LINUX アップデート情報
4	1835	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1835

その他

No	Name	URL
ISS X-Force Database
1	42921	http://xforce.iss.net/xforce/xfdb/42921
Secunia Advisory
2	SA30580	http://secunia.com/advisories/30580
SecurityFocus
3	29589	http://www.securityfocus.com/bid/29589
SecurityTracker
4	1020210	http://www.securitytracker.com/id?1020210
VUPEN Security
5	VUPEN/ADV-2008-1770	http://www.vupen.com/english/advisories/2008/1770

Change Log

No	Changed Details	Date of change
0	[2010年02月01日] 掲載	Feb. 17, 2018, 10:37 a.m.