Vigil@nce: FreeBSD, denial of service via ICMPv6
September 2008 by Vigil@nce
An attacker can send a special ICMPv6 packet in order to stop the system.
Consequences: denial of service of computer
Provenance: internet client
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 04/09/2008
FreeBSD [confidential versions]
An IPv6 host sends an ICMPv6 "Packet Too Big" error message (RFC 2463) to indicate if the received packet is larger than the MTU of the next hop (this MTU is set in the packet).
However, when the MTU set is inferior to the minimum MTU for IPv6 (1280), an error panics the FreeBSD kernel.
An attacker can therefore create a denial of service on servers where a TCP service listens on IPv6.
Identifiers: BID-31004, CVE-2008-3530, FreeBSD-SA-08:09.icmp6, VIGILANCE-VUL-8086