The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project prior to 20071201 does not properly check the return value of the m_pulldown function, which allows remote malicious users to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kame ipcomp |