6 matches found
CVE-2011-3601
CVE-2011-3601 affects radvd (router advertisement daemon). The vulnerability is a buffer overflow in the process_ra function, exploitable remotely via a negative label_len value in radvd before version 1.8.2. Public advisories across distributions (openSUSE SUSE-2011:1247-1, Fedora FEDORA-2011-13...
CVE-2011-3604
The CVE-2011-3604 issue affects the router advertisement daemon (radvd) process_ra() prior to version 1.8.2, enabling remote attackers to trigger a stack-based buffer over-read that crashes the service. Published advisories confirm the vulnerability exists in radvd and that fixes were delivered i...
CVE-2011-3605
CVE-2011-3605 affects radvd (router advertisement daemon). The issue occurs in process_rs when UnicastOnly is enabled, where an attacker can cause a denial-of-service (temporary service hang) by sending a flood of ND_ROUTER_SOLICIT requests. Affected software is radvd prior to version 1.8.2. The ...
CVE-2011-3602
CVE-2011-3602 is a directory traversal vulnerability in the router advertisement daemon, radvd, affecting radvd before 1.8.2. An attacker can exploit an interface name containing a “..” to overwrite arbitrary files, and this can be leveraged with a symlink to overwrite additional files. The issue...
CVE-2011-3603
The CVE-2011-3603 issue affects the router advertisement daemon (radvd) prior to version 1.8.2. The root cause is improper error handling in privsep_init, which can cause radvd to run with root privileges, leading to a partial confidentiality/integrity/availability impact as described (and noted ...
CVE-2014-8153
The CVE-2014-8153 entry affects the L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2 when using radvd 2.0+. A remote authenticated user can cause a denial of service (blocked router update processing) by creating eight routers and assigning an IPv6 non-provider subnet to each. Connected adv...