CVE Reference: CVE-2008-3530

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-3530

Description:
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/44908

ST
  1020820
  1021111

SAID
  Secunia Advisory: SA31745
  Secunia Advisory: SA32401
  Secunia Advisory: SA35074

NETBSD

FREEBSD
  http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc

CONFIRM
  http://support.apple.com/kb/HT3549
  http://support.apple.com/kb/HT3467

CERT
  http://www.us-cert.gov/cas/techalerts/TA09-133A.html

BID
  31004

APPLE
  http://lists.apple.com/archives/security-announce/2009/May/msg00002.html


Return to the previous page.