CVE Details for CVE: CVE-2007-1365
Summary
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.
| Timestamps | |
|---|---|
| Last major update | 18-10-2016 - 03:43 |
| Published | 10-03-2007 - 21:19 |
| Last modified | 18-10-2016 - 03:43 |
References
- http://www.openbsd.org/errata39.html#m_dup1
- http://www.openbsd.org/errata40.html#m_dup1
- http://securitytracker.com/id?1017735
- http://www.coresecurity.com/?action=item&id=1703
- http://www.securityfocus.com/bid/22901
- http://www.securitytracker.com/id?1017744
- http://secunia.com/advisories/24490
- http://www.kb.cert.org/vuls/id/986425
- http://www.osvdb.org/33050
- http://marc.info/?l=openbsd-cvs&m=117252151023868&w=2
CWE
CVSS
Base
10.0
Impact
10.0
Exploitability
10.0
Access
| Vector | Complexity | Authentication |
|---|---|---|
| NETWORK | LOW | NONE |
Impact
| Confidentiality | Integrity | Availability |
|---|---|---|
| COMPLETE | COMPLETE | COMPLETE |
CVSS3
None
VIA4 references
cvss-vector
via4
refmap
via4
| bid | 22901 |
| cert-vn | VU#986425 |
| misc | http://www.coresecurity.com/?action=item&id=1703 |
| mlist | [source-changes] 20070226 CVS: cvs.openbsd.org: src |
| openbsd | |
| osvdb | 33050 |
| sectrack | |
| secunia | 24490 |