FreeBSD KAME Project IPv6 setsockopt() DoS

2004-03-29T00:00:00
ID OSVDB:4668
Type osvdb
Reporter Colin Percival, Katsuhisa ABE
Modified 2004-03-29T00:00:00

Description

Vulnerability Description

FreeBSD contains a flaw in the way it implements the KAME Project IPv6 code that may allow a remote denial of service. The issue is an input validation flaw in the "setsockopt()" system call when handling certain IPv6 socket options, and results in loss of availability for the platform.

Solution Description

Upgrade to version RELENG_5_2 security branch or higher, as it has been reported to fix this vulnerability. Also, FreeBSD has released a patch.

References:

Vendor URL: http://www.freebsd.org
Vendor Specific Advisory URL
Secunia Advisory ID: 11233
Related OSVDB ID: 5985
CVE-2004-0370
Bugtraq ID: 9992