Unrated severityNVD Advisory· Published Mar 14, 2008· Updated Apr 23, 2026

CVE-2008-1118

Description

Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer name, (2) user name, and (3) IP address fields.

Affected products

Netopia/Timbuktu Pro
cpe:2.3:a:netopia:timbuktu_pro:8.6.5:*:windows:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/28081nvdExploit
secunia.com/advisories/29316nvdVendor Advisory
securityreason.com/securityalert/3742nvd
www.coresecurity.comnvd
www.securityfocus.com/archive/1/489414/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/41330nvd
www.exploit-db.com/exploits/5238nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000