Vulnerability Name:

CVE-2009-2208 (CCN-51044)

Assigned:2009-06-10
Published:2009-06-10
Updated:2017-08-17
Summary:FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:3.6 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P)
2.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-264
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2009-2208

Source: CCN
Type: SA35410
FreeBSD "SIOCSIFINFO_IN6" IOCTL Security Issue

Source: SECUNIA
Type: Vendor Advisory
35410

Source: CCN
Type: FreeBSD-SA-09:10.ipv6
Missing permission check on SIOCSIFINFO_IN6 ioctl

Source: FREEBSD
Type: Patch, Vendor Advisory
FreeBSD-SA-09:10

Source: CCN
Type: SECTRACK ID: 1022367
FreeBSD SIOCSIFINFO_IN6 IOCTL Access Bug Lets Local Users Modify IPv6 Interface Properties

Source: CCN
Type: OSVDB ID: 55045
FreeBSD IPv6 SIOCSIFINFO_IN6 IOCTL Unprivileged Interface Property Manipulation

Source: BID
Type: Patch
35285

Source: CCN
Type: BID-35285
FreeBSD IPv6 'SIOCSIFINFO_IN6' Permission Check Local Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1022367

Source: XF
Type: UNKNOWN
freebsd-siocsifinfo-security-bypass(51044)

Source: XF
Type: UNKNOWN
freebsd-siocsifinfo-security-bypass(51044)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:release_p10:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:release_p11:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:release_p6:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:release_p8:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3:release_p9:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.3_releng:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:release:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:release_p2:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:release_p3:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:release_p5:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:pre-release:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:rc1:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:release-p1:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:release-p2:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:release-p4:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:release-p5:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:release-p6:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:stable:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:stable:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:freebsd:freebsd:6.3:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:6.4:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.1:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    freebsd freebsd 6.3
    freebsd freebsd 6.3 release_p10
    freebsd freebsd 6.3 release_p11
    freebsd freebsd 6.3 release_p6
    freebsd freebsd 6.3 release_p8
    freebsd freebsd 6.3 release_p9
    freebsd freebsd 6.3_releng
    freebsd freebsd 6.4
    freebsd freebsd 6.4 release
    freebsd freebsd 6.4 release_p2
    freebsd freebsd 6.4 release_p3
    freebsd freebsd 6.4 release_p4
    freebsd freebsd 6.4 release_p5
    freebsd freebsd 6.4 stable
    freebsd freebsd 7.1
    freebsd freebsd 7.1 pre-release
    freebsd freebsd 7.1 rc1
    freebsd freebsd 7.1 release-p1
    freebsd freebsd 7.1 release-p2
    freebsd freebsd 7.1 release-p4
    freebsd freebsd 7.1 release-p5
    freebsd freebsd 7.1 release-p6
    freebsd freebsd 7.1 stable
    freebsd freebsd 7.2
    freebsd freebsd 7.2 pre-release
    freebsd freebsd 7.2 stable
    freebsd freebsd 6.3 -
    freebsd freebsd 6.4 -
    freebsd freebsd 7.1 -
    freebsd freebsd 7.2 pre-release