BSD ICMPV6 Handling Routines Remote Denial Of Service Vulnerability
BID:9577
Info
| Bugtraq ID: | 9577 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 04 2004 12:00AM |
| Updated: | Feb 04 2004 12:00AM |
| Credit: | Vulnerability discovery credited to a source that has requested not to be credited in this database. |
| Vulnerable: | OpenBSD OpenBSD 3.4, OpenBSD OpenBSD 3.3, OpenBSD OpenBSD 3.2, OpenBSD OpenBSD 3.1, OpenBSD OpenBSD 3.0, NetBSD NetBSD 1.6.1, NetBSD NetBSD 1.6 |
| Not Vulnerable: | |
Discussion
OpenBSD and NetBSD have been reported prone to a remote denial of service attack when configured to process IPv6 traffic. The issue occurs when an affected host handles certain types of ICMPv6 traffic. It has been reported that when traffic of this type is handled, an unspecified kernel error occurs, denying service to the affected system.
FreeBSD does not appear to be affected.
Exploit / POC
An exploit example has been publicly released that demonstrates this issue.
Solution / Fix
Solution:
The vendor has advised affected customers running revision 1.81 of /src/sys/netinet6/ip6_output.c to download revision 1.82 of the file from CVS and recompile the kernel.
The vendor has released patches for OpenBSD 3.4-stable and 3.3-stable. Users are advised to update their software.
NetBSD has released an advisory that includes updates. Fix details may be found in the attached advisory.
OpenBSD OpenBSD 3.4
- OpenBSD 011_ip6.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/011_ip6.patch
OpenBSD OpenBSD 3.3
- OpenBSD 016_ip6.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/016_ip6.patch
References
References:
- Diff for /src/sys/netinet6/ip6_output.c between version 1.81 and 1.82 (OpenBSD)
- OpenBSD Homepage (OpenBSD)
- OpenBSD IPv6 remote kernel crash ("Thor Larholm")