Lucene search

K
cve[email protected]CVE-2009-0687
HistoryAug 11, 2009 - 10:30 a.m.

CVE-2009-0687

2009-08-1110:30:00
CWE-399
web.nvd.nist.gov
35
cve-2009-0687
openbsd
pf
denial of service
null pointer dereference
remote attack
ip packets

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.059 Low

EPSS

Percentile

93.5%

The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.

Affected configurations

NVD
Node
midnightbsdmidnightbsdMatch0.3-current
OR
mirbsdmirosRange10
OR
netbsdnetbsdMatch5.0
OR
openbsdopenbsdMatch4.2
OR
openbsdopenbsdMatch4.3
OR
openbsdopenbsdMatch4.4
OR
openbsdopenbsdMatch4.5

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.059 Low

EPSS

Percentile

93.5%

Related for CVE-2009-0687