Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3530

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2008-3530
Last Modified 16 May 2009 01:22:44
Published 05 Sep 2008 12:08:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3530

Summary

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

Vulnerable Systems

Operating System

  • Freebsd 6.3

  • Freebsd 7.0

  • Freebsd 7.1


References

CERT - TA09-133A

BID - 31004

FREEBSD - FreeBSD-SA-08:09

XF - freebsd-icmp6mtudiscupdate-dos(44908)

VUPEN - ADV-2009-1297

VUPEN - ADV-2009-0633

SECTRACK - 1021111

SECTRACK - 1020820

CONFIRM - http://support.apple.com/kb/HT3549

CONFIRM - http://support.apple.com/kb/HT3467

SECUNIA - 35074

SECUNIA - 32401

SECUNIA - 31745

APPLE - APPLE-SA-2009-05-12

NETBSD - NetBSD-SA2008-015

Related Patches

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update


Last Updated: 27 May 2016 10:48:13