14 matches found
CVE-2006-1646
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote...
EUVD-2004-0370
Malware in sbrugna...
NetBSD/FreeBSD IPComp实现栈溢出远程内存破坏漏洞
Bugtraq ID: 47123 IPcomp是一款IP有效载荷压缩协议,为IP层提供无损耗压缩。 源自NetBSD/KAME的IPComp实现,未压缩负载的注入其代码类似如下: algo = ipcompalgorithmlookupcpi; / ... / error = algo-decompressm, m-mnext, &newlen; / ... / if nxt != IPPROTODONE if inetswipprotoxnxt.prflags & PRLASTHDR != 0 && ipsec4inrejectm, NULL...
FreeBSD Security Advisory (FreeBSD-SA-08:04.ipsec.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:04.ipsec.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
KAME Project IPv6 IPComp头远程拒绝服务漏洞
BUGTRAQ ID: 27642 CVECAN ID: CVE-2008-0177 KAME项目是6家日本公司协作为各种BSD系统所提供的免费IPv6、IPsec和Mobile IPv6实现。 KAME项目实现的IPv6协议栈存在漏洞,远程攻击者可能利用此漏洞导致服务器不可用。 如果BSD系统使用了KAME项目的IPv6实现的话,则在处理有IPComp头的IPv6报文时kame/sys/netinet6/ipcompinput.c文件的ipcomp6input函数会出现空指针引用。如果将内核配置为处理IPsec和IPv6通讯的话,单个特制的IPv6报文可能导致内核忙碌。 FreeBSD...
CVE-2008-0177
The ipcomp6input function in sys/netinet6/ipcompinput.c in the KAME project before 20071201 does not properly check the return value of the mpulldown function, which allows remote attackers to cause a denial of service system crash via an IPv6 packet with an IPComp header...
CVE-2008-0177
The ipcomp6input function in sys/netinet6/ipcompinput.c in the KAME project before 20071201 does not properly check the return value of the mpulldown function, which allows remote attackers to cause a denial of service system crash via an IPv6 packet with an IPComp header...
CVE-2008-0177
CVE-2008-0177 arises from an unchecked return value in ipcomp6_input (sys/netinet6/ipcomp_input.c) in the KAME project, where m_pulldown is not verified before use. This allows remote attackers to trigger a denial of service (system crash) by sending an IPv6 packet containing an IPComp header. Th...
KAME project IPv6 IPComp header denial of service vulnerability
Overview The KAME project's IPv6 implementation does not properly process IPv6 packets that contain the IPComp header. If exploited, this vulnerability may allow an attacker to cause a vulnerable system to crash. Description Per RFC 3173:IP payload compression is a protocol to reduce the size of ...
CVE-2006-1646
The CVE-2006-1646 issue concerns the Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD, certain FreeBSD releases, and potentially other BSD/Linux distributions. In aggressive mode, remote attackers can trigger a deni...
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...
CVE-2004-0370
The CVE-2004-0370 issue affects FreeBSD 5.2 using the KAME IPv6 stack, where a programming error in setsockopt(2) handling of IPv6 socket options can allow a local attacker to read portions of kernel memory and cause a system panic. The vulnerability arises from improper validation in setsockopt(...
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic...
FreeBSD-SA-00:63.getnameinfo
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:63 Security Advisory FreeBSD, Inc. Topic: getnameinfo function allows remote denial of service Category: core Module: libc Announced: 2000-11-01 Credits: Pavel Kankovsky...