CVE-2008-2464
https://notcve.org/view.php?id=CVE-2008-2464
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value. La Función mld_input en sys/netinet6/mld6.c in the kernel en NetBSD 4.0, FreeBSD, y KAME, cuando INET6 está habilitado, permite a atacantes remotos provocar una denegación de servicio (Error de división entre 0 y caída) a través de una petición ICMPv6 Multicast Listener Discovery (MLD) mal formada con un determinado valor de "Maximum Response Delay". • http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46&r2=1.47&f=h http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc http://securitytracker.com/id?1020822 http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34%3Br • CWE-189: Numeric Errors •
CVE-2008-0177 – Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-0177
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header. La función ipcomp6_input en sys/netinet6/ipcomp_input.c en el Proyecto KAME antes del 2007-12-01 no comprueba correctamente el valor de retorno de la función m_pulldown, lo que permite a atacantes remotos provocar una denegación de servicio (caída del sistema) mediante un paquete IPv6 con cabecera IPComp. • https://www.exploit-db.com/exploits/5191 http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/ipcomp_input.c?f=u&only_with_tag=netbsd-3-1 http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/28788 http://secunia.com/advisories/28816 http://secunia.com/advisories/28979 http://secunia.com/advisories/29130 http://secunia.com/advisories/30430 http: •
CVE-2005-0398
https://notcve.org/view.php?id=CVE-2005-0398
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. • http://secunia.com/advisories/14584 http://security.gentoo.org/glsa/glsa-200503-33.xml http://securitytracker.com/id?1013433 http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000 http://www.mandriva.com/security/advisories?name=MDKSA-2005:062 http://www.redhat.com/support/errata/RHSA-2005-232.html http://www.securityfocus.com/bid/12804 http://www.vupen.com/english/advisories/2005/0264 https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view •
CVE-2004-0607
https://notcve.org/view.php?id=CVE-2004-0607
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. La función eay_check_x509cert en KAME Racoon verifica como buenos certificados incluso cuando la validación OpenSLL falla, lo que podría permitir a atacantes remotos saltarse la autenticación. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt http://marc.info/?l=bugtraq&m=108726102304507&w=2 http://marc.info/?l=bugtraq&m=108731967126033&w=2 http://secunia.com/advisories/11863 http://secunia.com/advisories/11877 http://security.gentoo.org/glsa/glsa-200406-17.xml http://securitytracker.com/id?1010495 http://sourceforge.net/project/shownotes.php?release_id=245982 http://www.osvdb.org/7113 http://www.redhat.com/support/errata/RHSA-2 •
CVE-2004-0392
https://notcve.org/view.php?id=CVE-2004-0392
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields. racoon anteriores a 20040407b permite a atacantes remotos causar una denegación de servicio (bucle infinito y conexiones descartadas) mediante un mensaje IKE con una cabecera de carga útil (paiload) genérica malformada, conteniendo campos (1) "Security Association Next Payload" y (2) "RESERVED" no válidos. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt http://orange.kame.net/dev/query-pr.cgi?pr=555 http://www.vuxml.org/freebsd/40fcf20f-8891-11d8-90d1-0020ed76ef5a.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15893 •