CVE-2009-2208

Name of the Vulnerable Software and Affected Versions FreeBSD versions 6.3, 6.4, 7.1, 7.2

Description The issue allows local users to modify or disable IPv6 network interfaces due to a lack of permission enforcement on the SIOCSIFINFO IN6 IOCTL. This can be demonstrated by modifying the MTU.

Recommendations For versions 6.3, 6.4, 7.1, 7.2, consider restricting access to the SIOCSIFINFO IN6 IOCTL to prevent unauthorized modification of IPv6 network interfaces. At the moment, there is no information about a newer version that contains a fix for this vulnerability.