Remote Denial of Service in OpenBSD Packet Filter Affecting OpenBSD, NetBSD, and MirOS
CVE-2009-0687

Currently unrated

Key Information:

Vendor: OpenBSD
Status: OpenBSD; Miros; Netbsd; Midnightbsd
Vendor: CVE Published:; 11 August 2009

What is CVE-2009-0687?

The vulnerability exists in the pf_test_rule function found within the OpenBSD Packet Filter (PF) used across various operating systems. It enables remote attackers to induce a denial of service condition by sending specifically crafted IPv4 packets containing an ICMPv6 payload, which can lead to a NULL pointer dereference and ultimately, system panic. This affects OpenBSD versions 4.2 through 4.5, specific versions of NetBSD, and other related systems.

References

http://www.osvdb.org/53608

vdb-entryx_refsource_OSVDB

http://www.openbsd.org/errata43.html#013_pf

vendor-advisoryx_refsource_OPENBSD

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetB...

vendor-advisoryx_refsource_NETBSD

EPSS Score

12% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2009
Vulnerability Reserved
Feb 22, 2009