CVE-2008-3530 (GCVE-0-2008-3530)

Vulnerability from cvelistv5

Published

2008-09-05 16:00

Modified

2024-08-07 09:45

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.org	http://secunia.com/advisories/31745	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/32401
cve@mitre.org	http://secunia.com/advisories/35074
cve@mitre.org	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
cve@mitre.org	http://support.apple.com/kb/HT3467
cve@mitre.org	http://support.apple.com/kb/HT3549
cve@mitre.org	http://www.securityfocus.com/bid/31004	Patch
cve@mitre.org	http://www.securitytracker.com/id?1020820
cve@mitre.org	http://www.securitytracker.com/id?1021111
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0633
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1297
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31745	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32401
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3467
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31004	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020820
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021111
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0633
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:45:18.624Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "NetBSD-SA2008-015",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
          },
          {
            "name": "31745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31745"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3467"
          },
          {
            "name": "FreeBSD-SA-08:09",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "1021111",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021111"
          },
          {
            "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
          },
          {
            "name": "31004",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31004"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "1020820",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020820"
          },
          {
            "name": "32401",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32401"
          },
          {
            "name": "ADV-2009-0633",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "NetBSD-SA2008-015",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
        },
        {
          "name": "31745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31745"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3467"
        },
        {
          "name": "FreeBSD-SA-08:09",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "1021111",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021111"
        },
        {
          "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
        },
        {
          "name": "31004",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31004"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "1020820",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020820"
        },
        {
          "name": "32401",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32401"
        },
        {
          "name": "ADV-2009-0633",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3530",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "NetBSD-SA2008-015",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
            },
            {
              "name": "31745",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31745"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "http://support.apple.com/kb/HT3467",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3467"
            },
            {
              "name": "FreeBSD-SA-08:09",
              "refsource": "FREEBSD",
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "1021111",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021111"
            },
            {
              "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
            },
            {
              "name": "31004",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31004"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "1020820",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020820"
            },
            {
              "name": "32401",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32401"
            },
            {
              "name": "ADV-2009-0633",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3530",
    "datePublished": "2008-09-05T16:00:00",
    "dateReserved": "2008-08-07T00:00:00",
    "dateUpdated": "2024-08-07T09:45:18.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3530\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-09-05T16:08:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.\"},{\"lang\":\"es\",\"value\":\"sys/netinet6/icmp6.c del kernel en FreeBSD 6.3 hasta la 7.1 no comprueba correctamente la nueva MTU propuesta en un paquete ICMPv6 de mensaje demasiado grande, lo cual permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (panic) a trav\u00e9s de un Paquete manipulado Gran Mensaje.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F702C46F-CA02-4FA2-B7D6-C61C2C095679\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E0A416-733A-4616-AE08-150D67FCEA70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803EFA9F-B7CB-4511-B1C1-381170CA9A23\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31745\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32401\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/35074\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://support.apple.com/kb/HT3467\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT3549\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/31004\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020820\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1021111\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-133A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0633\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1297\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44908\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31745\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/35074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://support.apple.com/kb/HT3467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT3549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/31004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020820\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-133A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44908\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

var-200809-0176

Vulnerability from variot

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. FreeBSD is prone to a remote denial-of-service vulnerability. Remote attackers can exploit this issue to cause the kernel's TCP stack to panic, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

============================================================================= FreeBSD-SA-08:09.icmp6 Security Advisory The FreeBSD Project

Topic: Remote kernel panics on IPv6 connections

Category: core Module: sys_netinet6 Announced: 2008-09-03 Credits: Tom Parker, Bjoern A. Zeeb Affects: All supported versions of FreeBSD. Corrected: 2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE) 2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4) 2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE) 2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4) CVE Name: CVE-2008-3530

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

I. Background

IPv6 nodes use ICMPv6 amongst other things to report errors encountered while processing packets. The 'Packet Too Big Message' is sent in case a node cannot forward a packet because the size of the packet is larger than the MTU of next-hop link.

II.

III. Workaround

Systems without INET6 / IPv6 support are not vulnerable and neither are systems which do not listen on any IPv6 TCP sockets and have no active IPv6 connections.

Filter ICMPv6 'Packet Too Big Messages' using a firewall, but this will at the same time break PMTU support for IPv6 connections.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the RELENG_6_3 or RELENG_7_0 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.3 and FreeBSD 7.0 systems.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc

b) Apply the patch.

cd /usr/src

patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI. Correction details

The following list contains the revision numbers of each file that was corrected in FreeBSD.

Branch Revision Path

RELENG_6 src/sys/netinet6/icmp6.c 1.62.2.11 RELENG_6_3 src/UPDATING 1.416.2.37.2.9 src/sys/conf/newvers.sh 1.69.2.15.2.8 src/sys/netinet6/icmp6.c 1.62.2.9.2.1 RELENG_7 src/sys/netinet6/icmp6.c 1.80.2.7 RELENG_7_0 src/UPDATING 1.507.2.3.2.8 src/sys/conf/newvers.sh 1.72.2.5.2.8 src/sys/netinet6/icmp6.c 1.80.4.1

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3530

The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-08:09.icmp6.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD)

iD8DBQFIvu2hFdaIBMps37IRAjxxAJwIIXP+ALAZkvG5m687PC+92BtXTwCfUZdS AvvrO0r+UAa6bn1H9mFf9So= =MBB1 -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/

TITLE: FreeBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability

SECUNIA ADVISORY ID: SA32112

VERIFY ADVISORY: http://secunia.com/advisories/32112/

CRITICAL: Less critical

IMPACT: Spoofing, Exposure of sensitive information, DoS

WHERE:

From local network

OPERATING SYSTEM: FreeBSD 6.x http://secunia.com/advisories/product/6778/

DESCRIPTION: A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, or to cause a DoS (Denial of Service). This can be exploited to add a fake entry to the router's neighbor cache via a neighbor solicitation request containing a spoofed IPv6 address.

Successful exploitation may allow the interception or disruption of network traffic, but requires that the IPv6 nodes involved in the attack are using the same router.

Fixed versions: 2008-10-01 00:32:59 UTC (RELENG_7, 7.1-PRERELEASE) 2008-10-01 00:32:59 UTC (RELENG_7_0, 7.0-RELEASE-p5) 2008-10-01 00:32:59 UTC (RELENG_6, 6.4-PRERELEASE) 2008-10-01 00:32:59 UTC (RELENG_6_3, 6.3-RELEASE-p5)

Patch for FreeBSD 6.3: http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch http://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch.asc

Patch for FreeBSD 7.0: http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch http://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch.asc

PROVIDED AND/OR DISCOVERED BY: The vendor credits David Miles.

ORIGINAL ADVISORY: http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc

OTHER REFERENCES: US-CERT VU#472363: http://www.kb.cert.org/vuls/id/472363

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0176",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "netbsd",
        "version": "3.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "netbsd",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "extreme",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "force10",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm zseries",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "openbsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "wind river",
        "version": null
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "netbsd",
        "version": "3.0"
      },
      {
        "model": "airmac express",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "base station"
      },
      {
        "model": "airmac extreme",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "base station"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5 to  v10.5.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5 to  v10.5.6"
      },
      {
        "model": "time capsule",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "7.0-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "current",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "3.0.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "airport extreme base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "airport base station",
        "scope": null,
        "trust": 0.3,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "4.0"
      },
      {
        "model": "time capsule",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "airport express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "3.0.2"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "airport extreme base station",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "airport express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "financials server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "navision",
        "version": "3.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "4,0 beta",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "3.1 rc3",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:freebsd:freebsd",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:netbsd:netbsd",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:airport_express",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:airmac_extreme",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:time_capsule",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tom Parker\u203b tom@rooted.net\u203bBjoern A. Zeeb\u203b bz@zabbadoz.net",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-3530",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2008-3530",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2008-3530",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#472363",
            "trust": 0.8,
            "value": "2.70"
          },
          {
            "author": "NVD",
            "id": "CVE-2008-3530",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200809-087",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. FreeBSD is prone to a remote denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause the kernel\u0027s TCP stack to panic, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-08:09.icmp6                                      Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Remote kernel panics on IPv6 connections\n\nCategory:       core\nModule:         sys_netinet6\nAnnounced:      2008-09-03\nCredits:        Tom Parker, Bjoern A. Zeeb\nAffects:        All supported versions of FreeBSD. \nCorrected:      2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE)\n                2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4)\n                2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE)\n                2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4)\nCVE Name:       CVE-2008-3530\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI.   Background\n\nIPv6 nodes use ICMPv6 amongst other things to report errors encountered\nwhile processing packets.  The \u0027Packet Too Big Message\u0027 is sent in\ncase a node cannot forward a packet because the size of the packet is\nlarger than the MTU of next-hop link. \n\nII. \n\nIII.  Workaround\n\nSystems without INET6 / IPv6 support are not vulnerable and neither\nare systems which do not listen on any IPv6 TCP sockets and have no\nactive IPv6 connections. \n\nFilter ICMPv6 \u0027Packet Too Big Messages\u0027 using a firewall, but this\nwill at the same time break PMTU support for IPv6 connections. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the\nRELENG_6_3 or RELENG_7_0 security branch dated after the correction date. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 6.3 and\nFreeBSD 7.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch\n# fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc\n\nb) Apply the patch. \n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:http://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_6\n  src/sys/netinet6/icmp6.c                                      1.62.2.11\nRELENG_6_3\n  src/UPDATING                                             1.416.2.37.2.9\n  src/sys/conf/newvers.sh                                   1.69.2.15.2.8\n  src/sys/netinet6/icmp6.c                                   1.62.2.9.2.1\nRELENG_7\n  src/sys/netinet6/icmp6.c                                       1.80.2.7\nRELENG_7_0\n  src/UPDATING                                              1.507.2.3.2.8\n  src/sys/conf/newvers.sh                                    1.72.2.5.2.8\n  src/sys/netinet6/icmp6.c                                       1.80.4.1\n- -------------------------------------------------------------------------\n\nVII. References\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3530\n\nThe latest revision of this advisory is available at\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-08:09.icmp6.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (FreeBSD)\n\niD8DBQFIvu2hFdaIBMps37IRAjxxAJwIIXP+ALAZkvG5m687PC+92BtXTwCfUZdS\nAvvrO0r+UAa6bn1H9mFf9So=\n=MBB1\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nFreeBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA32112\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32112/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSpoofing, Exposure of sensitive information, DoS\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nFreeBSD 6.x\nhttp://secunia.com/advisories/product/6778/\n\nDESCRIPTION:\nA vulnerability has been reported in FreeBSD, which can be exploited\nby malicious people to conduct spoofing attacks, disclose potentially\nsensitive information, or to cause a DoS (Denial of Service). This can be exploited to add a fake entry to the router\u0027s\nneighbor cache via a neighbor solicitation request containing a\nspoofed IPv6 address. \n\nSuccessful exploitation may allow the interception or disruption of\nnetwork traffic, but requires that the IPv6 nodes involved in the\nattack are using the same router. \n\nFixed versions:\n2008-10-01 00:32:59 UTC (RELENG_7, 7.1-PRERELEASE)\n2008-10-01 00:32:59 UTC (RELENG_7_0, 7.0-RELEASE-p5)\n2008-10-01 00:32:59 UTC (RELENG_6, 6.4-PRERELEASE)\n2008-10-01 00:32:59 UTC (RELENG_6_3, 6.3-RELEASE-p5)\n\nPatch for FreeBSD 6.3:\nhttp://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch\nhttp://security.FreeBSD.org/patches/SA-08:10/nd6-6.patch.asc\n\nPatch for FreeBSD 7.0:\nhttp://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch\nhttp://security.FreeBSD.org/patches/SA-08:10/nd6-7.patch.asc\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits David Miles. \n\nORIGINAL ADVISORY:\nhttp://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc\n\nOTHER REFERENCES:\nUS-CERT VU#472363:\nhttp://www.kb.cert.org/vuls/id/472363\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      },
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "PACKETSTORM",
        "id": "70559"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-3530",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "31004",
        "trust": 2.7
      },
      {
        "db": "SECUNIA",
        "id": "32401",
        "trust": 2.4
      },
      {
        "db": "SECUNIA",
        "id": "31745",
        "trust": 2.4
      },
      {
        "db": "SECTRACK",
        "id": "1021111",
        "trust": 2.4
      },
      {
        "db": "SECTRACK",
        "id": "1020820",
        "trust": 2.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-0633",
        "trust": 2.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-1297",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "35074",
        "trust": 1.6
      },
      {
        "db": "USCERT",
        "id": "TA09-133A",
        "trust": 1.6
      },
      {
        "db": "XF",
        "id": "44908",
        "trust": 1.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#472363",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306",
        "trust": 0.8
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2009-05-12",
        "trust": 0.6
      },
      {
        "db": "NETBSD",
        "id": "NETBSD-SA2008-015",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "6",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA09-133A",
        "trust": 0.6
      },
      {
        "db": "FREEBSD",
        "id": "FREEBSD-SA-08:09",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "32112",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "69619",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "70559",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "PACKETSTORM",
        "id": "70559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "id": "VAR-200809-0176",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3892159333333334
  },
  "last_update_date": "2024-11-29T19:41:46.802000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT3549",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3549"
      },
      {
        "title": "HT3467",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3467"
      },
      {
        "title": "HT3467",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3467?viewlocale=ja_JP"
      },
      {
        "title": "HT3549",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3549?viewlocale=ja_JP"
      },
      {
        "title": "FreeBSD-SA-08:09.icmp6",
        "trust": 0.8,
        "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
      },
      {
        "title": "NetBSD-SA2008-015",
        "trust": 0.8,
        "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/32401"
      },
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/31745"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/31004"
      },
      {
        "trust": 2.4,
        "url": "http://www.securitytracker.com/id?1021111"
      },
      {
        "trust": 2.4,
        "url": "http://www.securitytracker.com/id?1020820"
      },
      {
        "trust": 2.4,
        "url": "http://www.vupen.com/english/advisories/2009/0633"
      },
      {
        "trust": 1.9,
        "url": "http://support.apple.com/kb/ht3467"
      },
      {
        "trust": 1.7,
        "url": "http://security.freebsd.org/advisories/freebsd-sa-08:09.icmp6.asc"
      },
      {
        "trust": 1.6,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.vupen.com/english/advisories/2009/1297"
      },
      {
        "trust": 1.6,
        "url": "http://support.apple.com/kb/ht3549"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/35074"
      },
      {
        "trust": 1.6,
        "url": "http://lists.apple.com/archives/security-announce/2009/may/msg00002.html"
      },
      {
        "trust": 1.6,
        "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-015.txt.asc"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/44908"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3530"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc4861"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc4861#section-2.1"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc2461.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc3756.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc3177.txt"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc3971"
      },
      {
        "trust": 0.8,
        "url": "http://docs.sun.com/app/docs/doc/817-0573/6mgc65bb6?a=view"
      },
      {
        "trust": 0.8,
        "url": "http://msdn.microsoft.com/en-us/library/ms900123.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://en.wikipedia.org/wiki/forwarding_information_base#fibs_in_ingress_filtering_against_denial_of_service"
      },
      {
        "trust": 0.8,
        "url": "http://en.wikipedia.org/wiki/reverse_path_forwarding"
      },
      {
        "trust": 0.8,
        "url": "http://www.openbsd.org/faq/pf/filter.html#antispoof"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3530"
      },
      {
        "trust": 0.3,
        "url": "http://www.freebsd.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.freebsd.org/handbook/kernelconfig.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:09/icmp6.patch"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3530"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:09/icmp6.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:10/nd6-6.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32112/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/binary_analysis/sample_analysis/"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:10/nd6-6.patch"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/advisories/freebsd-sa-08:10.nd6.asc"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:10/nd6-7.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/6778/"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:10/nd6-7.patch"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/472363"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "PACKETSTORM",
        "id": "70559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "PACKETSTORM",
        "id": "70559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-10-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "date": "2008-09-03T00:00:00",
        "db": "BID",
        "id": "31004"
      },
      {
        "date": "2009-04-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "date": "2008-09-04T02:48:27",
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "date": "2008-10-02T21:01:10",
        "db": "PACKETSTORM",
        "id": "70559"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "date": "2008-09-05T16:08:00",
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-04-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "date": "2009-05-13T18:46:00",
        "db": "BID",
        "id": "31004"
      },
      {
        "date": "2009-06-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "date": "2009-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "date": "2024-11-21T00:49:28.367000",
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IPv6 implementations insecurely update Forwarding Information Base",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2008-3530

Vulnerability from fkie_nvd

Published

2008-09-05 16:08

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.org	http://secunia.com/advisories/31745	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/32401
cve@mitre.org	http://secunia.com/advisories/35074
cve@mitre.org	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
cve@mitre.org	http://support.apple.com/kb/HT3467
cve@mitre.org	http://support.apple.com/kb/HT3549
cve@mitre.org	http://www.securityfocus.com/bid/31004	Patch
cve@mitre.org	http://www.securitytracker.com/id?1020820
cve@mitre.org	http://www.securitytracker.com/id?1021111
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0633
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1297
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31745	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32401
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3467
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31004	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020820
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021111
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0633
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908

Impacted products

Vendor	Product	Version
freebsd	freebsd	6.3
freebsd	freebsd	7.0
freebsd	freebsd	7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
    },
    {
      "lang": "es",
      "value": "sys/netinet6/icmp6.c del kernel en FreeBSD 6.3 hasta la 7.1 no comprueba correctamente la nueva MTU propuesta en un paquete ICMPv6 de mensaje demasiado grande, lo cual permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (panic) a trav\u00e9s de un Paquete manipulado Gran Mensaje."
    }
  ],
  "id": "CVE-2008-3530",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-05T16:08:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31745"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32401"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31004"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020820"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021111"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2008-AVI-461

Vulnerability from certfr_avis

Une vulnérabilité présente dans le noyau de FreeBSD permet à un utilisateur distant de provoquer un déni de service du système vulnérable.

Description

Une erreur est présente dans la pile IPv6 des systèmes FreeBSD. Celle-ci est relative à la gestion des paquets de type ICMPv6 et permet à un utilisateur distant de provoquer un déni de service par le biais d'un paquet ICMPv6 construit de façon particulière.

Le fait que la pile IPv6 soit active sur le système n'est pas suffisant pour exploiter la vulnérabilité. Il est nécessaire qu'une socket TCP IPv6 soit en écoute sur l'interface par laquelle seront reçus les paquets de l'attaquant.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	FreeBSD	N/A	FreeBSD 6.3 ;
	FreeBSD	N/A	FreeBSD 7.0.

References

Title

Publication Time

Tags

Bulletin de sécurité FreeBSD-SA-08:09.icmp6	None	vendor-advisory
Bulletin de sécurité FreeBSD SA-08:09.icmp6 du 03 septembre 2008 : http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FreeBSD 6.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    },
    {
      "description": "FreeBSD 7.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "FreeBSD",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne erreur est pr\u00e9sente dans la pile IPv6 des syst\u00e8mes FreeBSD. Celle-ci\nest relative \u00e0 la gestion des paquets de type ICMPv6 et permet \u00e0 un\nutilisateur distant de provoquer un d\u00e9ni de service par le biais d\u0027un\npaquet ICMPv6 construit de fa\u00e7on particuli\u00e8re.\n\nLe fait que la pile IPv6 soit active sur le syst\u00e8me n\u0027est pas suffisant\npour exploiter la vuln\u00e9rabilit\u00e9. Il est n\u00e9cessaire qu\u0027une socket TCP\nIPv6 soit en \u00e9coute sur l\u0027interface par laquelle seront re\u00e7us les\npaquets de l\u0027attaquant.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3530"
    }
  ],
  "initial_release_date": "2008-09-16T00:00:00",
  "last_revision_date": "2008-10-07T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD SA-08:09.icmp6 du 03 septembre    2008 :      http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc",
      "url": "http://security.freebsd.org/FreeBSD-SA-08:09.icmp6.asc"
    }
  ],
  "reference": "CERTA-2008-AVI-461",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-09-16T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence CVE.",
      "revision_date": "2008-10-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le noyau de FreeBSD permet \u00e0 un\nutilisateur distant de provoquer un d\u00e9ni de service du syst\u00e8me\nvuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de FreeBSD",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 FreeBSD-SA-08:09.icmp6",
      "url": null
    }
  ]
}

CERTA-2009-AVI-186

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. L'exploitation de certaines d'entre elles peut conduire à l'exécution de code arbitraire à distance sur le système vulnérable.

Description

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Apple Mac OS X. Elles touchent divers composants et services installés comme CFNetworks (manipulation des échanges HTTP), CoreGraphics (manipulation de fichiers PDF), Help Viewer (manipulation de l'URI help:), QuickDraw Manager (manipulation d'images PICT), Safari (manipulation de l'URI feed:), OpenSSL, PHP, WebKit, X11, etc.

L'exploitation de certaines de ces vulnérabilités peut conduire à l'exécution de code arbitraire à distance sur le système vulnérable.

Solution

Se référer au bulletin de sécurité 2009-002 de Apple pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Mac OS X Server version 10.4.11 ainsi que celles antérieures.
Apple	N/A	Mac OS X Server version 10.5.6 ainsi que celles antérieures ;
Apple	N/A	Mac OS X version 10.5.6 ainsi que celles antérieures ;
Apple	N/A	Mac OS X version 10.4.11 ainsi que celles antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité 2009-002 Apple du 12 mai 2009	None	vendor-advisory
Détails concernant la mise à jour de sécurité 2009-002 du 12 mai 2009 :	-	other
Bulletin de sécurité Apple 61798 du 12 mai 2009 :	-	other
Détails concernant la mise à jour de sécurité 2009-002 du 12 mai 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X Server version 10.4.11 ainsi que celles ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server version 10.5.6 ainsi que celles ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.5.6 ainsi que celles ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X version 10.4.11 ainsi que celles ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. Elles touchent divers composants et\nservices install\u00e9s comme CFNetworks (manipulation des \u00e9changes HTTP),\nCoreGraphics (manipulation de fichiers PDF), Help Viewer (manipulation\nde l\u0027URI help:), QuickDraw Manager (manipulation d\u0027images PICT), Safari\n(manipulation de l\u0027URI feed:), OpenSSL, PHP, WebKit, X11, etc.\n\nL\u0027exploitation de certaines de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 2009-002 de Apple pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0160"
    },
    {
      "name": "CVE-2009-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0147"
    },
    {
      "name": "CVE-2008-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3652"
    },
    {
      "name": "CVE-2009-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0846"
    },
    {
      "name": "CVE-2008-5557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5557"
    },
    {
      "name": "CVE-2009-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0847"
    },
    {
      "name": "CVE-2009-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0155"
    },
    {
      "name": "CVE-2008-3657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3657"
    },
    {
      "name": "CVE-2009-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0153"
    },
    {
      "name": "CVE-2008-1517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1517"
    },
    {
      "name": "CVE-2008-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3660"
    },
    {
      "name": "CVE-2008-3529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3529"
    },
    {
      "name": "CVE-2008-0456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0456"
    },
    {
      "name": "CVE-2009-0943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0943"
    },
    {
      "name": "CVE-2009-0157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0157"
    },
    {
      "name": "CVE-2008-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3651"
    },
    {
      "name": "CVE-2009-0010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0010"
    },
    {
      "name": "CVE-2009-0040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0040"
    },
    {
      "name": "CVE-2008-1382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1382"
    },
    {
      "name": "CVE-2004-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-1185"
    },
    {
      "name": "CVE-2009-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0148"
    },
    {
      "name": "CVE-2008-2371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2371"
    },
    {
      "name": "CVE-2008-3658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3658"
    },
    {
      "name": "CVE-2008-3443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3443"
    },
    {
      "name": "CVE-2008-3659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3659"
    },
    {
      "name": "CVE-2009-0025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0025"
    },
    {
      "name": "CVE-2008-3863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3863"
    },
    {
      "name": "CVE-2008-2383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2383"
    },
    {
      "name": "CVE-2008-3530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3530"
    },
    {
      "name": "CVE-2009-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0149"
    },
    {
      "name": "CVE-2009-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0154"
    },
    {
      "name": "CVE-2008-3790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3790"
    },
    {
      "name": "CVE-2009-0159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0159"
    },
    {
      "name": "CVE-2008-2829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2829"
    },
    {
      "name": "CVE-2009-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0165"
    },
    {
      "name": "CVE-2009-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0144"
    },
    {
      "name": "CVE-2009-0162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0162"
    },
    {
      "name": "CVE-2008-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3655"
    },
    {
      "name": "CVE-2004-1186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-1186"
    },
    {
      "name": "CVE-2008-2665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2665"
    },
    {
      "name": "CVE-2009-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0114"
    },
    {
      "name": "CVE-2008-2666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2666"
    },
    {
      "name": "CVE-2009-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0021"
    },
    {
      "name": "CVE-2009-0519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0519"
    },
    {
      "name": "CVE-2009-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0145"
    },
    {
      "name": "CVE-2008-3656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3656"
    },
    {
      "name": "CVE-2009-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0146"
    },
    {
      "name": "CVE-2009-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0844"
    },
    {
      "name": "CVE-2009-0942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0942"
    },
    {
      "name": "CVE-2009-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0152"
    },
    {
      "name": "CVE-2009-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0156"
    },
    {
      "name": "CVE-2009-0946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
    },
    {
      "name": "CVE-2009-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0150"
    },
    {
      "name": "CVE-2008-4309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
    },
    {
      "name": "CVE-2007-2754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2754"
    },
    {
      "name": "CVE-2009-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0845"
    },
    {
      "name": "CVE-2009-0944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0944"
    },
    {
      "name": "CVE-2009-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0164"
    },
    {
      "name": "CVE-2009-0520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0520"
    },
    {
      "name": "CVE-2008-2939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2939"
    },
    {
      "name": "CVE-2009-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0161"
    },
    {
      "name": "CVE-2008-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0158"
    },
    {
      "name": "CVE-2004-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2004-1184"
    },
    {
      "name": "CVE-2008-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5077"
    },
    {
      "name": "CVE-2006-0747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0747"
    },
    {
      "name": "CVE-2009-0945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0945"
    }
  ],
  "initial_release_date": "2009-05-13T00:00:00",
  "last_revision_date": "2009-05-13T00:00:00",
  "links": [
    {
      "title": "D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du    12 mai 2009\u00a0:",
      "url": "http://support.apple.com/kb/HT3397"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 61798 du 12 mai 2009 :",
      "url": "http://docs.info.apple.com/article.html?artnum=61798"
    },
    {
      "title": "D\u00e9tails concernant la mise \u00e0 jour de s\u00e9curit\u00e9 2009-002 du    12 mai 2009\u00a0:",
      "url": "http://support.apple.com/kb/HT3549"
    }
  ],
  "reference": "CERTA-2009-AVI-186",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-05-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de certaines d\u0027entre elles\npeut conduire \u00e0 l\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me\nvuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 2009-002 Apple du 12 mai 2009",
      "url": null
    }
  ]
}

gsd-2008-3530

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-3530

Aliases

CVE-2008-3530

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3530",
    "description": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
    "id": "GSD-2008-3530"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3530"
      ],
      "details": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
      "id": "GSD-2008-3530",
      "modified": "2023-12-13T01:23:05.904569Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-3530",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "NetBSD-SA2008-015",
            "refsource": "NETBSD",
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
          },
          {
            "name": "31745",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31745"
          },
          {
            "name": "http://support.apple.com/kb/HT3549",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "http://support.apple.com/kb/HT3467",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3467"
          },
          {
            "name": "FreeBSD-SA-08:09",
            "refsource": "FREEBSD",
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
          },
          {
            "name": "35074",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "1021111",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021111"
          },
          {
            "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
          },
          {
            "name": "31004",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/31004"
          },
          {
            "name": "TA09-133A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "1020820",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020820"
          },
          {
            "name": "32401",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/32401"
          },
          {
            "name": "ADV-2009-0633",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0633"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3530"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FreeBSD-SA-08:09",
              "refsource": "FREEBSD",
              "tags": [
                "Patch"
              ],
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
            },
            {
              "name": "31004",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/31004"
            },
            {
              "name": "31745",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31745"
            },
            {
              "name": "1020820",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020820"
            },
            {
              "name": "NetBSD-SA2008-015",
              "refsource": "NETBSD",
              "tags": [],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
            },
            {
              "name": "32401",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32401"
            },
            {
              "name": "1021111",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021111"
            },
            {
              "name": "http://support.apple.com/kb/HT3467",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3467"
            },
            {
              "name": "ADV-2009-0633",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0633"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:31Z",
      "publishedDate": "2008-09-05T16:08Z"
    }
  }
}

ghsa-54hj-xp7v-pcj6

Vulnerability from github

Published

2022-05-03 03:19

Modified

2022-05-03 03:19

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-05T16:08:00Z",
    "severity": "HIGH"
  },
  "details": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
  "id": "GHSA-54hj-xp7v-pcj6",
  "modified": "2022-05-03T03:19:20Z",
  "published": "2022-05-03T03:19:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3530"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31745"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32401"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "type": "WEB",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31004"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020820"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021111"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-3530 (GCVE-0-2008-3530)

Vulnerability from cvelistv5

var-200809-0176

Vulnerability from variot

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc

cd /usr/src

patch < /path/to/patch

fkie_cve-2008-3530

Vulnerability from fkie_nvd

CERTA-2008-AVI-461

Vulnerability from certfr_avis

Description

Solution

CERTA-2009-AVI-186

Vulnerability from certfr_avis

Description

Solution

gsd-2008-3530

Vulnerability from gsd

ghsa-54hj-xp7v-pcj6

Vulnerability from github

Tags

Sightings

Nomenclature