Vulnerability CVE-2004-0257 - CERT Civis.Net

Vulnerability Name:

CVE-2004-0257 (CCN-15044)

Assigned:

2004-02-04

Published:

2004-02-04

Updated:

2017-10-10

Summary:

OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: NETBSD
Type: UNKNOWN
NetBSD-SA2004-002

Source: CCN
Type: Full-Disclosure Mailing List, Wed Feb 04 2004 - 10:08:53 CST
Remote openbsd crash with ip6, yet still openbsd much better than windows

Source: MITRE
Type: CNA
CVE-2004-0257

Source: FULLDISC
Type: UNKNOWN
20040204 Remote openbsd crash with ip6, yet still openbsd much better than windows

Source: CCN
Type: NetBSD Security Advisory 2004-002
Inconsistent IPv6 path MTU discovery handling

Source: BUGTRAQ
Type: UNKNOWN
20040205 OpenBSD IPv6 remote kernel crash

Source: MISC
Type: UNKNOWN
http://www.guninski.com/obsdmtu.html

Source: CCN
Type: OpenBSD Security Fix: 011
An IPv6 MTU handling problem exists that could be used by an attacker to cause a denial of service attack against hosts with reachable IPv6 TCP ports.

Source: CCN
Type: CVS log for src/sys/netinet6/ip6_output.c Web page
Revision 1.82

Source: CONFIRM
Type: UNKNOWN
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c

Source: OSVDB
Type: UNKNOWN
3825

Source: CCN
Type: OSVDB ID: 3825
Multiple BSD IPv6 Traffic Handling DoS

Source: BID
Type: Patch, Vendor Advisory
9577

Source: CCN
Type: BID-9577
BSD ICMPV6 Handling Routines Remote Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
openbsd-ipv6-dos(15044)

Source: XF
Type: UNKNOWN
openbsd-ipv6-dos(15044)

Vulnerable Configuration:

Configuration 1:

cpe:/o:netbsd:netbsd:1.6:*:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.0:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.1:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.2:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.3:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.4:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:netbsd:netbsd:1.6:*:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:*

OR cpe:/o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*

OR cpe:/o:openbsd:openbsd:3.4:*:*:*:*:*:*:*

Denotes that component is vulnerable