ID |
CVE-2009-0687
|
Summary |
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:midnightbsd:midnightbsd:0.3-current:*:*:*:*:*:*:*
cpe:2.3:o:midnightbsd:midnightbsd:0.3-current:*:*:*:*:*:*:*
-
cpe:2.3:o:mirbsd:miros:*:*:*:*:*:*:*:*
cpe:2.3:o:mirbsd:miros:*:*:*:*:*:*:*:*
-
cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.4:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.8 (as of 29-09-2017 - 01:33) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-399 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
refmap
via4
|
bugtraq | 20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic) | exploit-db | | misc | | netbsd | NetBSD-SA2009-001 | openbsd | - [4.3] 013: RELIABILITY FIX: April 11, 2009
- [4.4] 013: RELIABILITY FIX: April 11, 2009
- [4.5] 002: RELIABILITY FIX: April 11, 2009
| osvdb | 53608 | vupen | ADV-2009-1015 | xf | openbsd-packetfilter-dos(49837) |
|
Last major update |
29-09-2017 - 01:33 |
Published |
11-08-2009 - 10:30 |
Last modified |
29-09-2017 - 01:33 |