Lucene search

[email protected]CVE-2007-1365

HistoryMar 10, 2007 - 9:19 p.m.

CVE-2007-1365

2007-03-1021:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

115

cve-2007-1365

buffer overflow

openbsd

kern/uipc_mbuf2.c

remote code execution

ipv6

icmp6

denial of service

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.442 Medium

EPSS

Percentile

97.3%

JSON

Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to “incorrect mbuf handling for ICMP6 packets.” NOTE: this was originally reported as a denial of service.

CPENameOperatorVersion
openbsd:openbsdopenbsdeq3.9
openbsd:openbsdopenbsdeq4.0

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	3.9
openbsd:openbsd	openbsd	eq	4.0

References

marc.info/?l=openbsd-cvs&m=117252151023868&w=2

secunia.com/advisories/24490

securitytracker.com/id?1017735

www.coresecurity.com/?action=item&id=1703

www.kb.cert.org/vuls/id/986425

www.openbsd.org/errata39.html#m_dup1

www.openbsd.org/errata40.html#m_dup1

www.osvdb.org/33050

www.securityfocus.com/bid/22901

www.securitytracker.com/id?1017744

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.442 Medium

EPSS

Percentile

97.3%

JSON

Related for CVE-2007-1365

prion1 securityvulns2 cert1 packetstorm1