Published: 29/01/2016 Updated: 10/09/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 786

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote malicious users to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freebsd freebsd 10.2
freebsd freebsd 10.1
freebsd freebsd 9.3

Debian Bug report logs - #811278 kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:03] Package: src:kfreebsd-10; Maintainer for src:kfreebsd-10 is GNU/kFreeBSD Maintainers <debian-bsd@listsdebianorg>; Reported by: Steven Chamberlain <steven@pyroeuorg> Date: Sun, 17 Jan 2016 15:5 ...

Debian Bug report logs - #811280 kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05] Package: src:kfreebsd-10; Maintainer for src:kfreebsd-10 is GNU/kFreeBSD Maintainers <debian-bsd@listsdebianorg>; Reported by: Steven Chamberlain <steven@pyroeuorg> Date: Sun, 17 Jan 2016 15:57:02 UTC Sever ...

Debian Bug report logs - #811279 kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04] Package: src:kfreebsd-10; Maintainer for src:kfreebsd-10 is GNU/kFreeBSD Maintainers <debian-bsd@listsdebianorg>; Reported by: Steven Chamberlain <steven@pyroeuorg> Date: Sun, 17 ...

Debian Bug report logs - #811277 kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01] Package: src:kfreebsd-10; Maintainer for src:kfreebsd-10 is GNU/kFreeBSD Maintainers <debian-bsd@listsdebianorg>; Reported by: Steven Chamberlain <steven@pyroeuorg> Date: Sun, 17 Jan 2016 15:45:02 UTC S ...

#!/usr/bin/env python # -*- coding: utf-8 -*- ''' Source: blogptsecuritycom/2016/01/severe-vulnerabilities-detected-inhtml SCTP (stream control transmission protocol) is a transport-layer protocol designed to transfer signaling messages in an IP environment As a rule, mobile operators use this protocol in technological networks This ...

IPv6Tools is a robust modular framework that enables the ability to visually audit an IPv6 enabled network.

IPv6Tools The IPv6Tools framework is a robust set of modules and plugins that allow a user to audit an IPv6 enabled network The built-in modules support enumeration of IPv6 features such as ICMPv6 and Multicast Listener Discovery (MLD) In addition, the framework also supports enumeration of Upper Layer Protocols (ULP) such as multicast DNS (mDNS) and Link-Local Multicast N

NVD-CWE-Other https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc http://www.securitytracker.com/id/1034673 http://packetstormsecurity.com/files/135369/FreeBSD-SCTP-ICMPv6-Denial-Of-Service.html https://www.exploit-db.com/exploits/39305/https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811278 https://www.exploit-db.com/exploits/39305/https://github.com/apg-intel/ipv6tools

CVE-2016-1879

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect