Denial of Service Vulnerability in FreeBSD and NetBSD IPv6 Implementation
CVE-2012-5365

7.5HIGH

Key Information:

Vendor: FreeBSD
Status: FreeBSD; Netbsd
Vendor: CVE Published:; 20 February 2020

What is CVE-2012-5365?

The IPv6 implementation in FreeBSD and NetBSD versions prior to 2012 is susceptible to a denial of service attack. By sending a high volume of malformed ICMPv6 Router Advertisement packets containing numerous Routing entries, remote attackers can disrupt network services. This vulnerability illustrates the importance of secure network configurations and robust traffic filtering mechanisms to mitigate potential exploitation.

References

http://www.openwall.com/lists/oss-security/2012/10/10/12

x_refsource_MISC

https://www.securityfocus.com/bid/56170/info

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2020
Vulnerability Reserved
Oct 10, 2012