Lucene search

PRIOn knowledge basePRION:CVE-2008-3530

HistorySep 05, 2008 - 4:08 p.m.

Input validation

2008-09-0516:08:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

CPENameOperatorVersion
freebsdeq6.3
freebsdeq7.0
freebsdeq7.1

Name	Operator	Version
freebsd	eq	6.3
freebsd	eq	7.0
freebsd	eq	7.1

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc

lists.apple.com/archives/security-announce/2009/May/msg00002.html

secunia.com/advisories/31745

secunia.com/advisories/32401

secunia.com/advisories/35074

security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc

support.apple.com/kb/HT3467

support.apple.com/kb/HT3549

www.securityfocus.com/bid/31004

www.securitytracker.com/id?1020820

www.securitytracker.com/id?1021111

www.us-cert.gov/cas/techalerts/TA09-133A.html

www.vupen.com/english/advisories/2009/0633

www.vupen.com/english/advisories/2009/1297

exchange.xforce.ibmcloud.com/vulnerabilities/44908