Lucene search

K
cve[email protected]CVE-2009-0687
HistoryAug 11, 2009 - 10:30 a.m.

CVE-2009-0687

2009-08-1110:30:00
CWE-399
web.nvd.nist.gov
35
cve-2009-0687
openbsd
pf
denial of service
null pointer dereference
remote attack
ip packets

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.059 Low

EPSS

Percentile

93.4%

The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.

Affected configurations

NVD
Node
midnightbsdmidnightbsdMatch0.3-current
OR
mirbsdmirosRange10
OR
netbsdnetbsdMatch5.0
OR
openbsdopenbsdMatch4.2
OR
openbsdopenbsdMatch4.3
OR
openbsdopenbsdMatch4.4
OR
openbsdopenbsdMatch4.5

6.8 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.059 Low

EPSS

Percentile

93.4%

Related for CVE-2009-0687