Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: FreeBSD, denial of service via ICMPv6

September 2008 by Vigil@nce

SYNTHESIS

An attacker can send a special ICMPv6 packet in order to stop the system.

Gravity: 3/4

Consequences: denial of service of computer

Provenance: internet client

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 04/09/2008

Identifier: VIGILANCE-VUL-8086

IMPACTED PRODUCTS

- FreeBSD [confidential versions]

DESCRIPTION

An IPv6 host sends an ICMPv6 "Packet Too Big" error message (RFC 2463) to indicate if the received packet is larger than the MTU of the next hop (this MTU is set in the packet).

However, when the MTU set is inferior to the minimum MTU for IPv6 (1280), an error panics the FreeBSD kernel.

An attacker can therefore create a denial of service on servers where a TCP service listens on IPv6.

CHARACTERISTICS

Identifiers: BID-31004, CVE-2008-3530, FreeBSD-SA-08:09.icmp6, VIGILANCE-VUL-8086

https://vigilance.aql.fr/tree/1/8086




See previous articles

    

See next articles