Search:Vulnerability:27.04.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Linux and BSD based Unix system IPv6 traffic amplification
Published: 27.04.2007
Source: BUGTRAQ
SecurityVulns ID: 7640
Type: remote
Level: 6/10
Description: IPv6 routing header allows to set route in a way to trasmit packet for multiple times over the same link.

Affected: LINUX : kernel 2.6
FREEBSD : FreeBSD 6.1
FREEBSD : FreeBSD 5.5
OPENBSD : OpenBSD 3.9
OPENBSD : OpenBSD 4.0
FREEBSD : FreeBSD 6.2
CVE: CVE-2007-2242 (The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.)

Original document FREEBSD, FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6 (27.04.2007)

Discuss: Read or add your comments to this news (0 comments)

Novell eDirectory NCP over IP DoS
Published: 27.04.2007
Source: BUGTRAQ
SecurityVulns ID: 7641
Type: remote
Level: 5/10
Description: Malformed fragmented request causes service to crash.

Affected: NOVELL : eDirectory 8.8
CVE: CVE-2006-4520 (ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.)

Original document IDEFENSE, iDefense Security Advisory 04.26.07: Novell eDirectory NCP Fragment Denial of Service Vulnerability (27.04.2007)

Discuss: Read or add your comments to this news (0 comments)

test server