PT-2006-4097 · Netbsd · Netbsd

Christian Biere · Published 2006-06-23 · Updated 2017-07-20 · CVE-2006-3202

CVSS v2.0: 4.9 (Medium)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

NetBSD versions 2.0 through 3.0

Description

The issue concerns the ip6_savecontrol function, which, under certain configurations, fails to check whether IPv4-mapped sockets are being used before processing IPv6 socket options. This allows local users to cause a denial of service by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set and then sending an IPv4 packet through the socket.

Recommendations

For NetBSD versions 2.0 through 3.0, consider disabling the use of IPv4-mapped sockets or restricting the SO_TIMESTAMP socket option to prevent exploitation until a fix is available.


Related identifiers

CVE-2006-3202

Affected products

NetBSD