Published: 17/02/2014 Updated: 18/02/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Subscribe to Router Advertisement Daemon

The process_rs function in the router advertisement daemon (radvd) prior to 1.8.2, when UnicastOnly is enabled, allows remote malicious users to cause a denial of service (temporary service hang) via a large number of ND_ROUTER_SOLICIT requests.

Vulnerable Product	Search on Vulmon	Subscribe to Product
litech router advertisement daemon

Debian Bug report logs - #644614 multiple security issues in radvd 16 Package: radvd; Maintainer for radvd is Geert Stappers <stappers@debianorg>; Source for radvd is src:radvd (PTS, buildd, popcon) Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Fri, 7 Oct 2011 11:36:26 UTC Severity: grave Tags: securit ...

radvd could be made to crash or overwrite certain files if it received specially crafted network traffic ...

Multiple security issues were discovered by Vasiliy Kulikov in radvd, an IPv6 Router Advertisement daemon: CVE-2011-3602 set_interface_var() function doesn't check the interface name, which is chosen by an unprivileged user This could lead to an arbitrary file overwrite if the attacker has local access, or specific files overwrites ot ...

CWE-20 http://www.litech.org/radvd/CHANGES http://www.debian.org/security/2011/dsa-2323 http://www.openwall.com/lists/oss-security/2011/10/06/3 http://www.ubuntu.com/usn/USN-1257-1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644614 https://usn.ubuntu.com/1257-1/https://nvd.nist.gov

CVE-2011-3605

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect