7.1
CVE-2008-3530
- EPSS 4.51%
- Veröffentlicht 05.09.2008 16:08:00
- Zuletzt bearbeitet 16.06.2026 22:55:59
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.51% | 0.903 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://secunia.com/advisories/35074
http://support.apple.com/kb/HT3549
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2009/1297
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
http://secunia.com/advisories/31745
http://secunia.com/advisories/32401
http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc
http://support.apple.com/kb/HT3467
http://www.securityfocus.com/bid/31004
http://www.securitytracker.com/id?1020820
http://www.securitytracker.com/id?1021111
http://www.vupen.com/english/advisories/2009/0633
https://exchange.xforce.ibmcloud.com/vulnerabilities/44908