CVE-2008-0177 - The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does n

CVE-2008-0177

Summary

The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.

References

Vulnerable Configurations

cpe:2.3:a:kame:ipcomp:*:*:*:*:*:*:*:*
cpe:2.3:a:kame:ipcomp:*:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

apple	APPLE-SA-2008-05-28 APPLE-SA-2008-07-11
bid	27642
cert	TA08-150A
cert-vn	VU#110947
confirm	http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/ipcomp_input.c?f=u&only_with_tag=netbsd-3-1 http://www.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ipcomp_input.c.diff?r1=1.36;r2=1.37
exploit-db	5191
freebsd	FreeBSD-SA-08:04
sectrack	1019314
secunia	28788 28816 28979 29130 30430 31074
vupen	ADV-2008-0441 ADV-2008-0688 ADV-2008-1697 ADV-2008-2094

Last major update

29-09-2017 - 01:30

Published

07-02-2008 - 22:00

Last modified

29-09-2017 - 01:30