CVE-2009-0687

Currently unrated

Key Information:

Vendor: OpenBSD
Status: OpenBSD; Miros; Netbsd; Midnightbsd
Vendor: CVE Published:; 11 August 2009

Summary

The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.

References

http://www.osvdb.org/53608

vdb-entryx_refsource_OSVDB

http://www.openbsd.org/errata43.html#013_pf

vendor-advisoryx_refsource_OPENBSD

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetB...

vendor-advisoryx_refsource_NETBSD

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 11, 2009
Vulnerability Reserved
Feb 22, 2009