Vulnerability Name:

CVE-2008-3530 (CCN-44908)

Assigned: 2008-09-03
Published: 2008-09-03
Updated: 2017-08-08
Summary: sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-20
Vulnerability Consequences: Denial of Service
References:

Source: CCN
Type: NetBSD Security Advisory 2008-015
ICMPv6 Packet Too Big messages

Source: NETBSD
Type: UNKNOWN
NetBSD-SA2008-015

Source: MITRE
Type: CNA
CVE-2008-3530

Source: APPLE
Type: UNKNOWN
APPLE-SA-2009-05-12

Source: CCN
Type: SA31745
FreeBSD ICMPv6 "Packet Too Big" MTU Denial of Service Vulnerability

Source: SECUNIA
Type: Vendor Advisory
31745

Source: CCN
Type: SA32401
NetBSD ICMPv6 "Packet Too Big" MTU Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
32401

Source: CCN
Type: SA34105
Apple Airport Extreme / Time Capsule Multiple Vulnerabilities

Source: CCN
Type: SA35074
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
35074

Source: CCN
Type: FreeBSD-SA-08:09.icmp6
Remote kernel panics on IPv6 connections

Source: FREEBSD
Type: Patch
FreeBSD-SA-08:09

Source: CCN
Type: SECTRACK ID: 1020820
FreeBSD ICMPv6 Processing Flaw Lets Remote Users Deny Service

Source: CCN
Type: SECTRACK ID: 1021111
NetBSD ICMPv6 Processing Flaw Lets Remote Users Deny Service

Source: CCN
Type: Apple Web site
About the security content of Time Capsule and AirPort Base Station (802.11n*) Firmware 7.4.1

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3467

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3549

Source: CCN
Type: FreeBSD Web site
The FreeBSD Project

Source: CCN
Type: OSVDB ID: 47919
Multiple BSD ICMPv6 Packet Too Big Message MTU Remote DoS

Source: CCN
Type: OSVDB ID: 52493
Apple Multiple Products ICMPv6 Packet Too Big Message MTU Remote DoS

Source: BID
Type: Patch
31004

Source: CCN
Type: BID-31004
FreeBSD Malformed ICMPv6 Packet Remote Denial Of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020820

Source: SECTRACK
Type: UNKNOWN
1021111

Source: CERT
Type: US Government Resource
TA09-133A

Source: VUPEN
Type: UNKNOWN
ADV-2009-0633

Source: VUPEN
Type: UNKNOWN
ADV-2009-1297

Source: XF
Type: UNKNOWN
bsd-icmp6mtudiscupdate-dos(44908)

Source: XF
Type: UNKNOWN
freebsd-icmp6mtudiscupdate-dos(44908)

Vulnerable Configuration:

Configuration 1:
  • cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.0:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:-:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:netbsd:netbsd:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.0:-:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:-:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
  • AND
  • cpe:/a:apple:apple_airport_extreme_base_station:*:*:*:*:*:*:*:*
  • OR cpe:/h:apple:airport_express_base_station_firmware:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    freebsd freebsd 6.3
    freebsd freebsd 7.0
    freebsd freebsd 7.1
    netbsd netbsd 3.0
    netbsd netbsd 3.1
    apple mac os x 10.5
    apple mac os x server 10.5
    apple mac os x 10.5.1
    apple mac os x server 10.5.1
    freebsd freebsd 6.3 -
    freebsd freebsd 7.0 -
    apple mac os x 10.5.2
    apple mac os x server 10.5.2
    netbsd netbsd 4.0
    apple mac os x server 10.5.3
    apple mac os x 10.5.3
    apple mac os x 10.5.4
    apple mac os x server 10.5.4
    freebsd freebsd 6.4 -
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    apple mac os x 10.5.6
    apple mac os x server 10.5.6
    apple apple airport extreme base station *
    apple airport express base station firmware *