CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10142 – kernel - IPV6 fragmentation flaw
https://notcve.org/view.php?id=CVE-2016-10142
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security implications of IP fragmentation have been discussed at length in [RFC6274] and [RFC7739]. An attacker can leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and can subsequently perform any type of fragmentation-based attack against legacy IPv6 nodes that do not implement [RFC6946]. That is, employing fragmentation where not actually needed allows for fragmentation-based attack vectors to be employed, unnecessarily. • http://rhn.redhat.com/errata/RHSA-2017-0817.html http://www.securityfocus.com/bid/95797 http://www.securitytracker.com/id/1038256 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730 https://support.f5.com/csp/article/K57211290?utm_source=f5support&%3Butm_medium=RSS https://tools.ietf.org/html/draft-ietf-6man-deprecate-atomfrag-generation-08 https://tools.ietf.org/html/rfc8021 https://access.redhat.com/security/cve/CVE-2016-10142 https://bugzilla.redhat.com/show_ • CWE-17: DEPRECATED: Code CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVSS: 7.8EPSS: 14%CPEs: 9EXPL: 0CVE-2007-2242 – IPv6 routing headers issue
https://notcve.org/view.php?id=CVE-2007-2242
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. El protocolo IPv6 permite a atacantes remotos provocar una denegación de servicio mediante cabeceras IPv6 de enrutamiento de tipo 0 (IPV6_RTHDR_TYPE_0) lo cual provoca amplificación de la red entre dos enrutadores. • http://docs.info.apple.com/article.html?artnum=305712 http://docs.info.apple.com/article.html?artnum=306375 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://openbsd.org/errata39.html#022_route6 http://openbsd.org/errata40.html#012_route6 http://secunia.com/advisories/24978 http://secunia.com/advisories/25033 http://secunia.com/advisories/25068 http://secunia.com/advisories/25083 http://secunia.com/advisories/25288 http://secunia.com/advisories/25 •