Vigil@nce: NetBSD, denial of service via PPPoE packet
August 2008 by Vigil@nce
SYNTHESIS
An attacker can send a malicious PPPoE packet to a victim, in
order to generate a denial of service.
Gravity: 2/4
Consequences: privileged access/rights, denial of service of
service
Provenance: LAN
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 26/08/2008
Identifier: VIGILANCE-VUL-8055
IMPACTED PRODUCTS
– NetBSD [confidential versions]
DESCRIPTION
PPPoE is the PPP encapsulation protocol for ethernet.
It is possible to forge PPPoE packet with a malicious "Length"
tag. The kernel will not be able to treat the packet and this will
generate a denial of service of the system.
An attacker can therefore send a malicious PPPoE packet to a
victim, in order to generate a denial of service.
CHARACTERISTICS
Identifiers: NetBSD-SA2008-010, VIGILANCE-VUL-8055