CVE-2008-5229 - OpenCVE

Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Vista

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_vista::sp1::::::*
	cpe:2.3:o:microsoft:windows_vista:gold:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/32791
http://securityreason.com/securityalert/4646
http://securitytracker.com/id?1021245
http://www.securityfocus.com/archive/1/498471/100/0/threaded
http://www.securityfocus.com/archive/1/498650/100/0/threaded
http://www.securityfocus.com/bid/32357
https://exchange.xforce.ibmcloud.com/vulnerabilities/46742

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-25T23:00:00

Updated: 2024-08-07T10:49:12.237Z

Reserved: 2008-11-25T00:00:00

Link: CVE-2008-5229

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-11-25T23:30:00.577

Modified: 2018-10-11T20:54:25.603

Link: CVE-2008-5229

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-19T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a \"route add\" command. NOTE: this issue might not cross privilege boundaries."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20081125 Re: Microsoft VISTA TCP/IP stack buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/498650/100/0/threaded"}, {"name": "win-vista-iphlpapi-bo(46742)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46742"}, {"name": "20081119 Microsoft VISTA TCP/IP stack buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/498471/100/0/threaded"}, {"name": "32791", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32791"}, {"name": "1021245", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1021245"}, {"name": "4646", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4646"}, {"name": "32357", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32357"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5229", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a \"route add\" command. NOTE: this issue might not cross privilege boundaries."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20081125 Re: Microsoft VISTA TCP/IP stack buffer overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/498650/100/0/threaded"}, {"name": "win-vista-iphlpapi-bo(46742)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46742"}, {"name": "20081119 Microsoft VISTA TCP/IP stack buffer overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/498471/100/0/threaded"}, {"name": "32791", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32791"}, {"name": "1021245", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1021245"}, {"name": "4646", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4646"}, {"name": "32357", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32357"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:49:12.237Z"}, "title": "CVE Program Container", "references": [{"name": "20081125 Re: Microsoft VISTA TCP/IP stack buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/498650/100/0/threaded"}, {"name": "win-vista-iphlpapi-bo(46742)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46742"}, {"name": "20081119 Microsoft VISTA TCP/IP stack buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/498471/100/0/threaded"}, {"name": "32791", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32791"}, {"name": "1021245", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1021245"}, {"name": "4646", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4646"}, {"name": "32357", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32357"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5229", "datePublished": "2008-11-25T23:00:00", "dateReserved": "2008-11-25T00:00:00", "dateUpdated": "2024-08-07T10:49:12.237Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*", "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a \"route add\" command. NOTE: this issue might not cross privilege boundaries."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Device IO Control de Microsoft en la biblioteca iphlpapi.dll en Microsoft Windows Vista Gold y SP1, permite a los usuarios locales del grupo Operador de Configuraci\u00f3n de Red alcanzar privilegios o causar una denegaci\u00f3n de servicio (bloqueo del sistema) por medio de un prefixLength largo no v\u00e1lido en el m\u00e9todo CreateIpForwardEntry2, como es demostrado mediante un comando \"route add\". NOTA: es posible que este problema no cruce los l\u00edmites de privilegios."}], "id": "CVE-2008-5229", "lastModified": "2018-10-11T20:54:25.603", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-11-25T23:30:00.577", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32791"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/4646"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1021245"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/498471/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/498650/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/32357"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46742"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}