Denial of Service Vulnerability in OpenBSD and NetBSD Products
CVE-2004-0257

Currently unrated

Key Information:

Vendor: Netbsd
Status: Netbsd; OpenBSD
Vendor: CVE Published:; 23 November 2004

What is CVE-2004-0257?

Remote attackers can exploit a vulnerability in OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 by sending specially crafted IPv6 packets with a reduced MTU size to a designated listening port, subsequently leading to a denial of service. This results in a critical crash of the affected systems when a TCP connection is attempted to that port, impacting the availability of services.

References

http://www.guninski.com/obsdmtu.html

x_refsource_MISC

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip...

x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=107604603226564&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 23, 2004
Vulnerability Reserved
Mar 17, 2004

CVE-2004-0257 Data

JSON

Netbsd

What is CVE-2004-0257?

References

Timeline