Veracode Vulnerability DatabaseVERACODE:17712Denial Of Service (DoS)
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
IPv6 protocol is vulnerable to denial of service(Dos) attacks. Remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946 leading to interruption of traffic flow during communication.
References
rhn.redhat.com/errata/RHSA-2017-0817.html
www.securityfocus.com/bid/95797
www.securitytracker.com/id/1038256
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html
access.redhat.com/errata/RHSA-2017:0817
access.redhat.com/security/cve/CVE-2017-5551
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1325766
bugzilla.redhat.com/show_bug.cgi?id=847106
kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730
tools.ietf.org/html/draft-ietf-6man-deprecate-atomfrag-generation-08
tools.ietf.org/html/rfc8021
Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P