CVE-2009-0687

Name of the Vulnerable Software and Affected Versions OpenBSD versions 4.2 through 4.5 NetBSD version 5.0 before RC3 MirOS version 10 and earlier MidnightBSD version 0.3-current

Description The issue allows remote attackers to cause a denial of service via crafted IP packets, triggering a NULL pointer dereference during translation. This is related to an IPv4 packet with an ICMPv6 payload.

Recommendations For OpenBSD versions 4.2 through 4.5, update to a version outside of this range to resolve the issue. For NetBSD version 5.0 before RC3, update to RC3 or later to resolve the issue. For MirOS version 10 and earlier, update to a version later than 10 to resolve the issue. For MidnightBSD version 0.3-current, consider restricting access to the pf test rule function until a patch is available.