Date:      Wed, 6 Feb 2008 22:01:41 +0100
From:      Remko Lodder <remko@elvandar.org>
To:        Mohacsi Janos <mohacsi@niif.hu>, <freebsd-security@freebsd.org>
Subject:   RE: What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service 
Message-ID:  <20080206220104.8507B13C45B@mx1.freebsd.org>


We are aware and working on resolving this.

Thanks
Remko
Hat: freebsd secteam

-----Original Message-----
From: "Mohacsi Janos" <mohacsi@niif.hu>
To: freebsd-security@freebsd.org
Sent: 6-2-08 21:54
Subject: What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service 


TITLE:
KAME Project "ipcomp6_input()" Denial of Service

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

DESCRIPTION:
A vulnerability has been reported in the KAME Project, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the
"ipcomp6_input()" function in kame/sys/netinet6/ipcomp_input.c when
processing IPv6 packets with an IPComp header. This can be exploited
to crash a vulnerable system by sending a specially crafted IPv6
packet.

SOLUTION:
Fixed in the CVS repository.
http://www.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ipcomp_input.c.diff?r1=1.36;r2=1.37

PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Shoichi Sakane.
NetBSD credits the Coverity Prevent analysis tool.

ORIGINAL ADVISORY:
US-CERT VU#110947:
http://www.kb.cert.org/vuls/id/110947

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"



