Lucene search
HistoryJun 25, 2009 - 2:00 a.m.
CVE-2009-2208
cve-2009-2208
freebsd
permissions
siocsifinfo_in6
ioctl
ipv6
network interfaces
mtu
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU.
Affected configurations
Node
freebsdfreebsdMatch6.3
ORfreebsdfreebsdMatch6.3release_p10
ORfreebsdfreebsdMatch6.3release_p11
ORfreebsdfreebsdMatch6.3release_p6
ORfreebsdfreebsdMatch6.3release_p8
ORfreebsdfreebsdMatch6.3release_p9
ORfreebsdfreebsdMatch6.3_releng
ORfreebsdfreebsdMatch6.4
ORfreebsdfreebsdMatch6.4release
ORfreebsdfreebsdMatch6.4release_p2
ORfreebsdfreebsdMatch6.4release_p3
ORfreebsdfreebsdMatch6.4release_p4
ORfreebsdfreebsdMatch6.4release_p5
ORfreebsdfreebsdMatch6.4stable
ORfreebsdfreebsdMatch7.1
ORfreebsdfreebsdMatch7.1pre-release
ORfreebsdfreebsdMatch7.1rc1
ORfreebsdfreebsdMatch7.1release-p1
ORfreebsdfreebsdMatch7.1release-p2
ORfreebsdfreebsdMatch7.1release-p4
ORfreebsdfreebsdMatch7.1release-p5
ORfreebsdfreebsdMatch7.1release-p6
ORfreebsdfreebsdMatch7.1stable
ORfreebsdfreebsdMatch7.2
ORfreebsdfreebsdMatch7.2pre-release
ORfreebsdfreebsdMatch7.2stable
Related
ubuntucve
ubuntucve
CVE-2009-2208
2009-06-25 00:00:00
nvd
nvd
CVE-2009-2208
2009-06-25 02:00:00
prion
prion
Design/Logic Flaw
2009-06-25 02:00:00
cvelist
cvelist
CVE-2009-2208
2009-06-24 23:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-09:10.ipv6.asc)
2009-06-15 00:00:00
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2009-2208