6.7 Medium
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.018 Low
EPSS
Percentile
87.7%
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
lists.apple.com/archives/security-announce/2009/May/msg00002.html
secunia.com/advisories/31745
secunia.com/advisories/32401
secunia.com/advisories/35074
security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc
support.apple.com/kb/HT3467
support.apple.com/kb/HT3549
www.securityfocus.com/bid/31004
www.securitytracker.com/id?1020820
www.securitytracker.com/id?1021111
www.us-cert.gov/cas/techalerts/TA09-133A.html
www.vupen.com/english/advisories/2009/0633
www.vupen.com/english/advisories/2009/1297
exchange.xforce.ibmcloud.com/vulnerabilities/44908