Vigil@nce: FreeBSD, denial of service via ICMPv6
September 2008 by Vigil@nce
SYNTHESIS
An attacker can send a special ICMPv6 packet in order to stop the
system.
Gravity: 3/4
Consequences: denial of service of computer
Provenance: internet client
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 04/09/2008
Identifier: VIGILANCE-VUL-8086
IMPACTED PRODUCTS
– FreeBSD [confidential versions]
DESCRIPTION
An IPv6 host sends an ICMPv6 "Packet Too Big" error message (RFC
2463) to indicate if the received packet is larger than the MTU of
the next hop (this MTU is set in the packet).
However, when the MTU set is inferior to the minimum MTU for IPv6
(1280), an error panics the FreeBSD kernel.
An attacker can therefore create a denial of service on servers
where a TCP service listens on IPv6.
CHARACTERISTICS
Identifiers: BID-31004, CVE-2008-3530, FreeBSD-SA-08:09.icmp6,
VIGILANCE-VUL-8086