Detections
Analytics

CVE-2008-3530

high

Description

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44908

http://www.vupen.com/english/advisories/2009/1297

http://www.vupen.com/english/advisories/2009/0633

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.securitytracker.com/id?1021111

http://www.securitytracker.com/id?1020820

http://www.securityfocus.com/bid/31004

http://support.apple.com/kb/HT3549

http://support.apple.com/kb/HT3467

http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc

http://secunia.com/advisories/35074

http://secunia.com/advisories/32401

http://secunia.com/advisories/31745

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Details

Source: Mitre, NVD

Published: 2008-09-05

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High