[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4567

Date: (C)2007-12-20   (M)2017-10-04 


The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.

CVSS Score: 7.8Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
SECUNIA-25505
BID-26943
SECUNIA-28170
SECUNIA-28706
SECUNIA-38015
RHSA-2010:0019
RHSA-2010:0053
RHSA-2010:0095
USN-558-1
USN-574-1
http://bugzilla.kernel.org/show_bug.cgi?id=8450
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e76b2b2567b83448c2ee85a896433b96150c92e6
https://bugzilla.redhat.com/show_bug.cgi?id=548641
linux-kernel-ipv6-dos(39171)

CPE    21
cpe:/o:linux:linux_kernel:2.6.19.4
cpe:/o:linux:linux_kernel:2.6.19.5
cpe:/o:linux:linux_kernel:2.6.19.6
cpe:/o:linux:linux_kernel:2.6.19.7
...
CWE    1
CWE-20
OVAL    3
oval:org.secpod.oval:def:500366
oval:org.secpod.oval:def:201850
oval:org.secpod.oval:def:201898

© 2013 SecPod Technologies