CVE Vulnerability

CVE-2008-3530

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

7.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

Scope

References
Link Resource
http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc Patch
http://www.securityfocus.com/bid/31004 Patch
http://secunia.com/advisories/31745 Vendor Advisory
http://www.securitytracker.com/id?1020820
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
http://secunia.com/advisories/32401
http://www.securitytracker.com/id?1021111
http://support.apple.com/kb/HT3467
http://www.vupen.com/english/advisories/2009/0633
http://support.apple.com/kb/HT3549
http://www.vupen.com/english/advisories/2009/1297
http://secunia.com/advisories/35074
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://www.us-cert.gov/cas/techalerts/TA09-133A.html US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/44908
Configurations

Configuration 1

cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*
Information

Published : 2008-09-05 04:08

Updated : 2017-08-08 01:31

NVD link : CVE-2008-3530

Mitre link : CVE-2008-3530

Products Affected
No products.
CWE
CWE-20