CVE-2008-2709 - Vulnerability Details - OpenCVE

Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Os 400

Configuration 1 [-]

OR	cpe:2.3:o:ibm:os_400:v5r4m0:::::::*
	cpe:2.3:o:ibm:os_400:v5r4m5:::::::*
	cpe:2.3:o:ibm:os_400:v6r1m0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/30554
http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64
http://www.securityfocus.com/bid/29660
http://www.vupen.com/english/advisories/2008/1799
https://exchange.xforce.ibmcloud.com/vulnerabilities/42984

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-06-16T20:00:00

Updated: 2024-08-07T09:14:14.649Z

Reserved: 2008-06-16T00:00:00

Link: CVE-2008-2709

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-06-16T20:41:00.000

Modified: 2024-11-21T00:47:31.240

Link: CVE-2008-2709

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30554", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30554"}, {"name": "MA36741", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64"}, {"name": "ADV-2008-1799", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1799"}, {"name": "29660", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29660"}, {"name": "os400-brsmrcvandcheck-bo(42984)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42984"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2709", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30554", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30554"}, {"name": "MA36741", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64"}, {"name": "ADV-2008-1799", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1799"}, {"name": "29660", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29660"}, {"name": "os400-brsmrcvandcheck-bo(42984)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42984"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:14:14.649Z"}, "title": "CVE Program Container", "references": [{"name": "30554", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30554"}, {"name": "MA36741", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64"}, {"name": "ADV-2008-1799", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1799"}, {"name": "29660", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29660"}, {"name": "os400-brsmrcvandcheck-bo(42984)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42984"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2709", "datePublished": "2008-06-16T20:00:00", "dateReserved": "2008-06-16T00:00:00", "dateUpdated": "2024-08-07T09:14:14.649Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:os_400:v5r4m0:*:*:*:*:*:*:*", "matchCriteriaId": "F448C696-3FC9-442F-8F01-F1103287274F", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:os_400:v5r4m5:*:*:*:*:*:*:*", "matchCriteriaId": "4B18B289-2C9F-46CC-9CDE-4D424A74ACB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:os_400:v6r1m0:*:*:*:*:*:*:*", "matchCriteriaId": "14477D0B-1123-4B93-AD9F-95C78138B6E8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios."}, {"lang": "es", "value": "Desbordamiento de buffer en la funci\u00f3n BrSmRcvAndCheck en el m\u00f3dulo RCHMGR de IBM OS/400 V5R4M0, V5R4M5, y V6R1M0, permite a atacantes locales provocar una denegaci\u00f3n de servicio (parada de tarea y volcado de almacemiento principal), a trav\u00e9s de vectores no especificados involucrados en la ejecuci\u00f3n de diagn\u00f3sticos en un puerto de modem. NOTA: Podr\u00eda haber escenarios de ataque limitados."}], "id": "CVE-2008-2709", "lastModified": "2024-11-21T00:47:31.240", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-06-16T20:41:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30554"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29660"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1799"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30554"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?uid=nas21f21bcbaa63f55268625745e003c6f64"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29660"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42984"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}