[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-0687Date: (C)2009-08-11   (M)2023-12-22


The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
http://www.securityfocus.com/archive/1/502634
OSVDB-53608
EXPLOIT-DB-8406
EXPLOIT-DB-8581
ADV-2009-1015
NetBSD-SA2009-001
http://www.openbsd.org/errata43.html#013_pf
http://www.openbsd.org/errata44.html#013_pf
http://www.openbsd.org/errata45.html#002_pf
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch
http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt
openbsd-packetfilter-dos(49837)

CPE    4
cpe:/o:openbsd:openbsd:4.3
cpe:/o:openbsd:openbsd:4.2
cpe:/o:openbsd:openbsd:4.5
cpe:/o:openbsd:openbsd:4.4
...
CWE    1
CWE-399

© SecPod Technologies