PT-2008-3929 · Netbsd+2 · Netbsd+2
Jukka Taimisto
+2
·
Publicado
2008-09-10
·
Atualizado
2008-09-11
·
CVE-2008-2464
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
NetBSD version 4.0
FreeBSD (affected versions not specified)
KAME (affected versions not specified)
Description:
The issue is related to a denial of service caused by a divide-by-zero error and panic. This occurs when a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value is sent to the system. The
mld input function in the kernel is the vulnerable component.Recommendations:
For NetBSD version 4.0, update the kernel to a version that fixes the
mld input function issue.
For FreeBSD, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For KAME, at the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Freebsd
Kame
Netbsd