8.1 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.442 Medium
EPSS
Percentile
97.3%
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to “incorrect mbuf handling for ICMP6 packets.” NOTE: this was originally reported as a denial of service.
CPE | Name | Operator | Version |
---|---|---|---|
openbsd:openbsd | openbsd | eq | 3.9 |
openbsd:openbsd | openbsd | eq | 4.0 |
marc.info/?l=openbsd-cvs&m=117252151023868&w=2
secunia.com/advisories/24490
securitytracker.com/id?1017735
www.coresecurity.com/?action=item&id=1703
www.kb.cert.org/vuls/id/986425
www.openbsd.org/errata39.html#m_dup1
www.openbsd.org/errata40.html#m_dup1
www.osvdb.org/33050
www.securityfocus.com/bid/22901
www.securitytracker.com/id?1017744