CVE-2008-5133

ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Common Weakness Enumeration
References
http://secunia.com/advisories/32625
http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1
http://www.vupen.com/english/advisories/2008/3129
https://exchange.xforce.ibmcloud.com/vulnerabilities/46721
http://secunia.com/advisories/32625
http://sunsolve.sun.com/search/document.do?assetkey=1-26-245206-1
http://www.vupen.com/english/advisories/2008/3129
https://exchange.xforce.ibmcloud.com/vulnerabilities/46721