9 matches found
CVE-2009-2208
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFOIN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU...
Design/Logic Flaw
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFOIN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU...
CVE-2009-2208
The CVE-2009-2208 issue affects FreeBSD 6.3, 6.4, 7.1, and 7.2 where permissions are not enforced on the SIOCSIFINFO_IN6 IOCTL. This allows local users to modify or disable IPv6 network interfaces (e.g., MTU) due to improper access controls. The vulnerability is documented in FreeBSD SA-09:10 IPv...
CVE-2009-2208
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFOIN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU...
FreeBSD IPv6 SIOCSIFINFO_IN6权限检查绕过安全限制漏洞
BUGTRAQ ID: 35285 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 IPv6是用于替换当前IPv4的新一代Internet协议,可通过ioctl2接口配置FreeBSD IPv6网络栈的很多属性。由于SIOCSIFINFOIN6 ioctl缺少必要的权限检查,本地用户(包括非root用户和牢笼中用户)可以设置一些IPv6接口属性,包括更改链路MTU和完全禁用接口。请注意这个漏洞只影响IPv6,无法利用这个漏洞影响IPv4功能。 FreeBSD FreeBSD 7.2 FreeBSD FreeBSD 7.1 FreeBSD FreeBS...
FreeBSD Security Advisory (FreeBSD-SA-09:10.ipv6.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:10.ipv6.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
FreeBSD Security Advisory FreeBSD-SA-09:10.ipv6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:10.ipv6 Security Advisory The FreeBSD Project Topic: Missing permission check on SIOCSIFINFOIN6 ioctl Category: core Module: netinet6 Announced: 2009-06-10...
FreeBSD IPv6 'SIOCSIFINFO_IN6'权限检查本地安全绕过漏洞
Bugraq ID: 35285 CNCAN ID:CNCAN-2009061102 FreeBSD是一款开放源代码的BSD操作系统。 FreeBSD针对"SIOCSIFINFOIN6" IOCTL缺少正确的权限检查,本地攻击者可以利用漏洞修改网络设置导致拒绝服务等攻击。 当修改IPv6网络栈属性时缺少正确的权限检查,发送特殊构建的"SIOCSIFINFOIN6" IOCTLs可导致更改部分IPv6接口设置如MTU或禁用IPv6接口。 FreeBSD FreeBSD 7.2-STABLE FreeBSD FreeBSD 7.1-RELEASE-p6 FreeBSD FreeBSD...
FreeBSD-SA-09:10.ipv6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:10.ipv6 Security Advisory The FreeBSD Project Topic: Missing permission check on SIOCSIFINFOIN6 ioctl Category: core Module: netinet6 Announced: 2009-06-10...