What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service

Remko Lodder remko at elvandar.org
Wed Feb 6 14:01:04 PST 2008


We are aware and working on resolving this.

Thanks
Remko
Hat: freebsd secteam

-----Original Message-----
From: "Mohacsi Janos" <mohacsi at niif.hu>
To: freebsd-security at freebsd.org
Sent: 6-2-08 21:54
Subject: What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service 


TITLE:
KAME Project "ipcomp6_input()" Denial of Service

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
>From remote

DESCRIPTION:
A vulnerability has been reported in the KAME Project, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the
"ipcomp6_input()" function in kame/sys/netinet6/ipcomp_input.c when
processing IPv6 packets with an IPComp header. This can be exploited
to crash a vulnerable system by sending a specially crafted IPv6
packet.

SOLUTION:
Fixed in the CVS repository.
http://www.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ipcomp_input.c.diff?r1=1.36;r2=1.37

PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Shoichi Sakane.
NetBSD credits the Coverity Prevent analysis tool.

ORIGINAL ADVISORY:
US-CERT VU#110947:
http://www.kb.cert.org/vuls/id/110947

_______________________________________________
freebsd-security at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"



More information about the freebsd-security mailing list