OpenBSD IPv6 Routing Header Bug Lets Remote Users Deny Service - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (UNIX) > OpenBSD Kernel

Vendors: OpenBSD

OpenBSD IPv6 Routing Header Bug Lets Remote Users Deny Service

SecurityTracker Alert ID: 1019496

SecurityTracker URL: http://securitytracker.com/id/1019496

CVE Reference: CVE-2008-1057 (Links to External Site)

Updated: Mar 19 2008

Original Entry Date: Feb 25 2008

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 4.2

Description: A vulnerability was reported in OpenBSD. A remote user can cause a kernel panic.

A remote user can send a specially crafted IPv6 routing header to trigger a kernel panic on the target system.

Impact: A remote user can cause the target system to crash.

Solution: The vendor has issued a patch:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/008_ip6rthdr.patch

Vendor URL: www.openbsd.org/ (Links to External Site)

Cause: Input validation error

Underlying OS:

Message History: None.

Source Message Contents

Date: Mon, 25 Feb 2008 08:36:56 -0500
Subject: OpenBSD kernel


RELIABILITY FIX: February 25, 2008   All architectures
Malformed IPv6 routing headers can cause a kernel panic.
A source code patch exists which remedies this problem.

ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/008_ip6rthdr.patch

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC