Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-0177

The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.kame.net/de...
CERT-VN: VU#110947
BID: 27642
SECUNIA: 28788
SECUNIA: 28816
SECTRACK: 1019314
FREEBSD: FreeBSD-SA-08:04
SECUNIA: 28979
SECUNIA: 29130
APPLE: APPLE-SA-2008-05-28
CERT: TA08-150A
SECUNIA: 30430
APPLE: APPLE-SA-2008-07-11
SECUNIA: 31074
VUPEN: ADV-2008-0441
VUPEN: ADV-2008-0688
VUPEN: ADV-2008-1697
VUPEN: ADV-2008-2094
CONFIRM: http://cvsweb.netbsd.o...
EXPLOIT-DB: 5191

Launchpad.net

CVE 2008-0177

Related bugs

References