CVE-2008-1280 - Vulnerability Details - OpenCVE

Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Acronis	True Image True Image Windows Agent

Configuration 1 [-]

OR	cpe:2.3:a:acronis:true_image::::::::
	cpe:2.3:a:acronis:true_image_windows_agent::::::::

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/acroagent-adv.txt
http://secunia.com/advisories/29306
http://www.securityfocus.com/archive/1/489362/100/0/threaded
http://www.securityfocus.com/bid/28169
http://www.vupen.com/english/advisories/2008/0812/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41070

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-03-10T23:00:00

Updated: 2024-08-07T08:17:34.499Z

Reserved: 2008-03-10T00:00:00

Link: CVE-2008-1280

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-03-10T23:44:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-1280

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-08T00:00:00", "descriptions": [{"lang": "en", "value": "Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "29306", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29306"}, {"name": "acronis-windows-agent-dos(41070)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41070"}, {"name": "ADV-2008-0812", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0812/references"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/acroagent-adv.txt"}, {"name": "28169", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28169"}, {"name": "20080310 NULL pointer in Acronis True Image Windows Agent 1.0.0.54", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489362/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1280", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "29306", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29306"}, {"name": "acronis-windows-agent-dos(41070)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41070"}, {"name": "ADV-2008-0812", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0812/references"}, {"name": "http://aluigi.altervista.org/adv/acroagent-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/acroagent-adv.txt"}, {"name": "28169", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28169"}, {"name": "20080310 NULL pointer in Acronis True Image Windows Agent 1.0.0.54", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489362/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:17:34.499Z"}, "title": "CVE Program Container", "references": [{"name": "29306", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29306"}, {"name": "acronis-windows-agent-dos(41070)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41070"}, {"name": "ADV-2008-0812", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0812/references"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/acroagent-adv.txt"}, {"name": "28169", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28169"}, {"name": "20080310 NULL pointer in Acronis True Image Windows Agent 1.0.0.54", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489362/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1280", "datePublished": "2008-03-10T23:00:00", "dateReserved": "2008-03-10T00:00:00", "dateUpdated": "2024-08-07T08:17:34.499Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:true_image:*:*:*:*:*:*:*:*", "matchCriteriaId": "583DBEEA-1CCE-4CDF-B1F9-06FD696E2AB1", "versionEndIncluding": "9.5.0.8072", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:true_image_windows_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "F11427B3-83A0-4C7C-92DB-37E9F7605793", "versionEndIncluding": "1.0.0.54", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference."}, {"lang": "es", "value": "Acronis True Image Windows Agent 1.0.0.54 y anteriores, inclu\u00eddos en Acronis True Image Enterprise Server 9.5.0.8072 y los otros paquetes True Image, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un paquete mal formado hacia el puerto 8976 que dispara una referencia a un puntero NULL."}], "id": "CVE-2008-1280", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-10T23:44:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aluigi.altervista.org/adv/acroagent-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29306"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489362/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/28169"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0812/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41070"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.altervista.org/adv/acroagent-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489362/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/28169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0812/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41070"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}