Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231052648HistorySep 04, 2008 - 12:00 a.m.
FreeBSD Security Advisory (FreeBSD-SA-04:06.ipv6.asc)
2008-09-0400:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
3
7.1 High
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.0%
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-04:06.ipv6.asc
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.52648");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2004-0370");
script_tag(name:"cvss_base", value:"2.1");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_name("FreeBSD Security Advisory (FreeBSD-SA-04:06.ipv6.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"IPv6 is a new Internet Protocol, designed to replace (and avoid many of
the problems with) the current Internet Protocol (version 4). FreeBSD
uses the KAME Project IPv6 implementation.
Applications may manipulate the behavior of an IPv6 socket using the
setsockopt(2) system call.
A programming error in the handling of some IPv6 socket options within
the setsockopt(2) system call may result in memory locations being
accessed without proper validation. While the problem originates in
code from the KAME Project, it does not affect other operating systems.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-04:06.ipv6.asc");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/9992");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-04:06.ipv6.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"5.2.1", patchlevel:"4")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}Related
nessus
nessus
FreeBSD : SA-04:06.ipv6 : setsockopt()
2004-07-06 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-04:06.ipv6
2004-03-29 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-04:06.ipv6
2004-03-30 00:00:00
cve
cve
CVE-2004-0370
2004-05-04 04:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-04:06.ipv6.asc)
2008-09-04 00:00:00
freebsd
freebsd
setsockopt(2) IPv6 sockets input validation error
2004-03-29 00:00:00
7.1 High
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.0%
Related for OPENVAS:136141256231052648