| ID |
CVE-2009-0687
|
| Summary |
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:midnightbsd:midnightbsd:0.3-current:*:*:*:*:*:*:*
cpe:2.3:o:midnightbsd:midnightbsd:0.3-current:*:*:*:*:*:*:*
-
cpe:2.3:o:mirbsd:miros:*:*:*:*:*:*:*:*
cpe:2.3:o:mirbsd:miros:*:*:*:*:*:*:*:*
-
cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.4:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 7.8 (as of 29-09-2017 - 01:33) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| refmap
via4
|
| bugtraq | 20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic) | | exploit-db | | | misc | | | netbsd | NetBSD-SA2009-001 | | openbsd | - [4.3] 013: RELIABILITY FIX: April 11, 2009
- [4.4] 013: RELIABILITY FIX: April 11, 2009
- [4.5] 002: RELIABILITY FIX: April 11, 2009
| | osvdb | 53608 | | vupen | ADV-2009-1015 | | xf | openbsd-packetfilter-dos(49837) |
|
| Last major update |
29-09-2017 - 01:33 |
| Published |
11-08-2009 - 10:30 |
| Last modified |
29-09-2017 - 01:33 |
