CVE-2008-3530: Input Validation
First published: Fri Sep 05 2008(Updated: )
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | =6.3 | |
| FreeBSD FreeBSD | =7.0 | |
| FreeBSD FreeBSD | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc
- http://www.securityfocus.com/bid/31004
- http://secunia.com/advisories/31745
- http://www.securitytracker.com/id?1020820
- http://secunia.com/advisories/32401
- http://www.securitytracker.com/id?1021111
- http://support.apple.com/kb/HT3467
- http://www.vupen.com/english/advisories/2009/0633
- http://support.apple.com/kb/HT3549
- http://www.vupen.com/english/advisories/2009/1297
- http://secunia.com/advisories/35074
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://www.us-cert.gov/cas/techalerts/TA09-133A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44908
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/type
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/6.3
- version/freebsd freebsd/7.0
- version/freebsd freebsd/7.1