Published: 10/03/2007 Updated: 18/10/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote malicious users to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openbsd openbsd 4.0
openbsd openbsd 3.9

source: wwwsecurityfocuscom/bid/22901/info OpenBSD is prone to a remote buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer A remote attacker can exploit this issue to execute arbitrary code with kernel-level privileges or to crash the affected ...

Core Security Technologies Advisory - The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets Exploitation of this vulnerability can result in remote execution of arbitrary code at the kernel level on the vulnerable systems and/or a remote denial of service condition Affected systems include OpenBSD 41 ...

NVD-CWE-Other http://www.openbsd.org/errata39.html#m_dup1 http://www.openbsd.org/errata40.html#m_dup1 http://securitytracker.com/id?1017735 http://www.coresecurity.com/?action=item&id=1703 http://www.securityfocus.com/bid/22901 http://www.securitytracker.com/id?1017744 http://secunia.com/advisories/24490 http://www.kb.cert.org/vuls/id/986425 http://www.osvdb.org/33050 http://marc.info/?l=openbsd-cvs&m=117252151023868&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/29725/https://www.kb.cert.org/vuls/id/986425

CVE-2007-1365

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect