Vulnerabilities > CVE-2006-0381 - Remote Denial Of Service vulnerability in Freebsd 5.3/5.4/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 9 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 16375 CVE(CAN) ID: CVE-2006-0381 OpenBSD是一款开放源代码Unix类操作系统。 OpenBSD内核的报文分片处理模块存在漏洞,远程攻击者可利用此漏洞对服务器进行拒绝服务攻击。 远程攻击者可能通过精心构造的恶意分片报文导致内核崩溃。 FreeBSD FreeBSD 6.0-STABLE FreeBSD FreeBSD 6.0-RELEASE FreeBSD FreeBSD 5.4 FreeBSD FreeBSD 5.3 OpenBSD OpenBSD current OpenBSD OpenBSD 3.8 OpenBSD OpenBSD 3.7 FreeBSD ------- FreeBSD已经为此发布了一个安全公告(FreeBSD-SA-06:07)以及相应补丁: FreeBSD-SA-06:07:IP fragment handling panic in pf(4) 链接:<a href=ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc target=_blank>ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc</a> 补丁下载: # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch</a> # fetch <a href=ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch.asc target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch.asc</a> OpenBSD ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 target=_blank>http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104</a> |
id | SSV:4230 |
last seen | 2017-11-19 |
modified | 2006-08-20 |
published | 2006-08-20 |
reporter | Root |
title | OpenBSD PF IP分片拒绝服务漏洞 |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-004.txt.asc
- http://secunia.com/advisories/18609
- http://securitytracker.com/id?1015542
- http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104
- http://www.osvdb.org/22732
- http://www.securityfocus.com/bid/16375
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24337