FreeBSD -- IPv6 remote Denial-of-Service

Problem Description: Due do a missing check in the code of mpulldown9 data returned may not be contiguous as requested by the caller. Impact: Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS denial-of-service attack with certain Ethernet...

Apple Mac OS X xnu <= 1228.3.13 ipv6-ipcomp Remote kernel DoS PoC

Exploit for multiple platform in category dos / poc ================================================================= Apple Mac OS X xnu Apple MACOS X xnu md typo?. md = mpulldownm, off, sizeofipcomp, NULL; if !m - md = mpulldownm, off, sizeofipcomp, NULL; if !md bsd/netinet6/ipcompinput.c curios...

Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)

/ xnu-ipv6-ipcomp.c Copyright c 2008 by Apple MACOS X xnu md typo?. md = mpulldownm, off, sizeofipcomp, NULL; if !m - md = mpulldownm, off, sizeofipcomp, NULL; if !md bsd/netinet6/ipcompinput.c curiosly the same bug exists in ipcomp4input, but an explicit check is made to ensure there is enough...

Design/Logic Flaw

The ipcomp6input function in sys/netinet6/ipcompinput.c in the KAME project before 20071201 does not properly check the return value of the mpulldown function, which allows remote attackers to cause a denial of service system crash via an IPv6 packet with an IPComp header...

CVE-2008-0177

The ipcomp6input function in sys/netinet6/ipcompinput.c in the KAME project before 20071201 does not properly check the return value of the mpulldown function, which allows remote attackers to cause a denial of service system crash via an IPv6 packet with an IPComp header...