Vulnerabilities > CVE-2008-0384 - Local Denial of Service vulnerability in Openbsd 4.2

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
openbsd
exploit available
NVD
Published: 2008-01-22
Updated: 2018-10-30

Summary

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

Vulnerable Configurations

Part Description Count
OS
Openbsd
1

Exploit-Db

descriptionOpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS. CVE-2008-0384. Dos exploit for bsd platform
fileexploits/bsd/dos/4935.c
idEDB-ID:4935
last seen2016-01-31
modified2008-01-18
platformbsd
port
published2008-01-18
reporterHunger
sourcehttps://www.exploit-db.com/download/4935/
titleOpenBSD 4.2 rtlabel_id2name Local Null Pointer Dereference DoS
typedos

References