Vulnerabilities > CVE-2011-2393 - Resource Management Errors vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

freebsd

netbsd

CWE-399

NVD

Published: 2012-02-02

Updated: 2012-02-03

Summary

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd *	1
OS	Netbsd Netbsd Netbsd *	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://seclists.org/fulldisclosure/2011/Apr/86
http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt