SecurityTracker.com Archives - OpenBSD IPv6 Routing Header Bug Lets Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: OS (UNIX) > OpenBSD Kernel

Vendors: OpenBSD

OpenBSD IPv6 Routing Header Bug Lets Remote Users Deny Service

SecurityTracker Alert ID: 1019496

SecurityTracker URL: http://securitytracker.com/id?1019496

CVE Reference: CVE-2008-1057 (Links to External Site)

Updated: Mar 19 2008

Original Entry Date: Feb 25 2008

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Advisory: OpenBSD Errata

Version(s): 4.2

Description: A vulnerability was reported in OpenBSD. A remote user can cause a kernel panic.

A remote user can send a specially crafted IPv6 routing header to trigger a kernel panic on the target system.

Impact: A remote user can cause the target system to crash.

Solution: The vendor has issued a patch:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/008_ip6rthdr.patch

Vendor URL: www.openbsd.org/ (Links to External Site)

Cause: Input validation error

Underlying OS: UNIX (OpenBSD)

Message History: None.

Source Message Contents

Date: Mon, 25 Feb 2008 08:36:56 -0500
Subject: OpenBSD kernel

 
 
RELIABILITY FIX: February 25, 2008   All architectures
Malformed IPv6 routing headers can cause a kernel panic.
A source code patch exists which remedies this problem.
 
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.2/common/008_ip6rthdr.patch

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2007, SecurityGlobal.net LLC