National Cyber-Alert System
Vulnerability Summary for CVE-2009-0687
Original release date:08/11/2009
Last revised:08/11/2009
Source:
US-CERT/NIST
Overview
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.
Impact
CVSS Severity (version 2.0):
Impact Subscore:
6.9
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type:Allows disruption of serviceUnknown
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.
External Source: VUPEN
Name: ADV-2009-1015
Type: Advisory; Patch Information
External Source: OPENBSD
Name: [4.5] 002: RELIABILITY FIX: April 11, 2009
Type: Advisory; Patch Information
External Source: OPENBSD
Name: [4.4] 013: RELIABILITY FIX: April 11, 2009
Type: Advisory; Patch Information
External Source: OPENBSD
Name: [4.3] 013: RELIABILITY FIX: April 11, 2009
Type: Advisory; Patch Information
External Source: MISC
Name: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch
Type: Advisory; Patch Information
External Source: XF
Name: openbsd-packetfilter-dos(49837)
External Source: BUGTRAQ
Name: 20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic)
External Source: OSVDB
Name: 53608
External Source: MILW0RM
Name: 8581
External Source: MILW0RM
Name: 8406
External Source: MISC
Name: http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt
External Source: NETBSD
Name: NetBSD-SA2009-001
Type: Advisory