URL	Tags
cve@mitre.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
cve@mitre.org	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.org	http://secunia.com/advisories/31745	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/32401
cve@mitre.org	http://secunia.com/advisories/35074
cve@mitre.org	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
cve@mitre.org	http://support.apple.com/kb/HT3467
cve@mitre.org	http://support.apple.com/kb/HT3549
cve@mitre.org	http://www.securityfocus.com/bid/31004	Patch
cve@mitre.org	http://www.securitytracker.com/id?1020820
cve@mitre.org	http://www.securitytracker.com/id?1021111
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0633
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1297
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31745	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32401
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108	http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc	Patch
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3467
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31004	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020820
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021111
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0633
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44908

▼	Vendor	Product
	n/a	n/a

ghsa-54hj-xp7v-pcj6

Vulnerability from github

Published

2022-05-03 03:19

Modified

2022-05-03 03:19

Details

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-3530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-05T16:08:00Z",
    "severity": "HIGH"
  },
  "details": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
  "id": "GHSA-54hj-xp7v-pcj6",
  "modified": "2022-05-03T03:19:20Z",
  "published": "2022-05-03T03:19:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3530"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31745"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32401"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "type": "WEB",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3467"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/31004"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020820"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021111"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0633"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2008-3530

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

Aliases

CVE-2008-3530

Aliases

CVE-2008-3530

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-3530",
    "description": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
    "id": "GSD-2008-3530"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-3530"
      ],
      "details": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.",
      "id": "GSD-2008-3530",
      "modified": "2023-12-13T01:23:05.904569Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-3530",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "NetBSD-SA2008-015",
            "refsource": "NETBSD",
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
          },
          {
            "name": "31745",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31745"
          },
          {
            "name": "http://support.apple.com/kb/HT3549",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "http://support.apple.com/kb/HT3467",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT3467"
          },
          {
            "name": "FreeBSD-SA-08:09",
            "refsource": "FREEBSD",
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
          },
          {
            "name": "35074",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "1021111",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021111"
          },
          {
            "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
          },
          {
            "name": "31004",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/31004"
          },
          {
            "name": "TA09-133A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "1020820",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020820"
          },
          {
            "name": "32401",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/32401"
          },
          {
            "name": "ADV-2009-0633",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0633"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3530"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FreeBSD-SA-08:09",
              "refsource": "FREEBSD",
              "tags": [
                "Patch"
              ],
              "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
            },
            {
              "name": "31004",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/31004"
            },
            {
              "name": "31745",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31745"
            },
            {
              "name": "1020820",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020820"
            },
            {
              "name": "NetBSD-SA2008-015",
              "refsource": "NETBSD",
              "tags": [],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
            },
            {
              "name": "32401",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32401"
            },
            {
              "name": "1021111",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021111"
            },
            {
              "name": "http://support.apple.com/kb/HT3467",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3467"
            },
            {
              "name": "ADV-2009-0633",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0633"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "freebsd-icmp6mtudiscupdate-dos(44908)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:31Z",
      "publishedDate": "2008-09-05T16:08Z"
    }
  }
}

var-200809-0176

Vulnerability from variot

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. FreeBSD is prone to a remote denial-of-service vulnerability. Remote attackers can exploit this issue to cause the kernel's TCP stack to panic, denying service to legitimate users. ----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/

TITLE: Force10 FTOS Routers IPv6 Neighbor Discovery Protocol Vulnerability

SECUNIA ADVISORY ID: SA32117

VERIFY ADVISORY: http://secunia.com/advisories/32117/

CRITICAL: Less critical

IMPACT: Spoofing, Exposure of sensitive information, DoS

WHERE:

From local network

OPERATING SYSTEM: Force10 FTOS Routers http://secunia.com/advisories/product/20024/

DESCRIPTION: A vulnerability has been reported in Force10 FTOS Routers, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, or to cause a DoS (Denial of Service). This can be exploited to add a fake entry to the router's neighbor cache via a neighbor solicitation request containing a spoofed IPv6 address.

Successful exploitation may allow the interception or disruption of network traffic, but requires that the IPv6 nodes involved in the attack are using the same router.

SOLUTION: The vendor has reportedly fixed the vulnerability in FTOS version E7.7.1.1.

PROVIDED AND/OR DISCOVERED BY: US-CERT credits David Miles.

ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-7H2RY7

OTHER REFERENCES: US-CERT VU#472363: http://www.kb.cert.org/vuls/id/472363

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

============================================================================= FreeBSD-SA-08:09.icmp6 Security Advisory The FreeBSD Project

Topic: Remote kernel panics on IPv6 connections

Category: core Module: sys_netinet6 Announced: 2008-09-03 Credits: Tom Parker, Bjoern A. Zeeb Affects: All supported versions of FreeBSD. Corrected: 2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE) 2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4) 2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE) 2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4) CVE Name: CVE-2008-3530

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

I. Background

IPv6 nodes use ICMPv6 amongst other things to report errors encountered while processing packets. The 'Packet Too Big Message' is sent in case a node cannot forward a packet because the size of the packet is larger than the MTU of next-hop link.

II.

III. Workaround

Systems without INET6 / IPv6 support are not vulnerable and neither are systems which do not listen on any IPv6 TCP sockets and have no active IPv6 connections.

Filter ICMPv6 'Packet Too Big Messages' using a firewall, but this will at the same time break PMTU support for IPv6 connections.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the RELENG_6_3 or RELENG_7_0 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 6.3 and FreeBSD 7.0 systems.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc

b) Apply the patch.

cd /usr/src

patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI. Correction details

The following list contains the revision numbers of each file that was corrected in FreeBSD.

Branch Revision Path

RELENG_6 src/sys/netinet6/icmp6.c 1.62.2.11 RELENG_6_3 src/UPDATING 1.416.2.37.2.9 src/sys/conf/newvers.sh 1.69.2.15.2.8 src/sys/netinet6/icmp6.c 1.62.2.9.2.1 RELENG_7 src/sys/netinet6/icmp6.c 1.80.2.7 RELENG_7_0 src/UPDATING 1.507.2.3.2.8 src/sys/conf/newvers.sh 1.72.2.5.2.8 src/sys/netinet6/icmp6.c 1.80.4.1

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3530

The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-08:09.icmp6.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD)

iD8DBQFIvu2hFdaIBMps37IRAjxxAJwIIXP+ALAZkvG5m687PC+92BtXTwCfUZdS AvvrO0r+UAa6bn1H9mFf9So= =MBB1 -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200809-0176",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "netbsd",
        "version": "3.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "netbsd",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "extreme",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "force10",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm zseries",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "openbsd",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "wind river",
        "version": null
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "netbsd",
        "version": "3.0"
      },
      {
        "model": "airmac express",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "base station"
      },
      {
        "model": "airmac extreme",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "base station"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5 to  v10.5.6"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5 to  v10.5.6"
      },
      {
        "model": "time capsule",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "7.0-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "current",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "3.0.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "airport extreme base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "airport base station",
        "scope": null,
        "trust": 0.3,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "4.0"
      },
      {
        "model": "time capsule",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "airport express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "netbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netbsd",
        "version": "3.0.2"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "airport express base station with 802.11n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "airport extreme base station",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "airport express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.3"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "financials server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "navision",
        "version": "3.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "4,0 beta",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "3.1 rc3",
        "scope": null,
        "trust": 0.3,
        "vendor": "netbsd",
        "version": null
      },
      {
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:freebsd:freebsd",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:netbsd:netbsd",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:airport_express",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:apple:airmac_extreme",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:time_capsule",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Tom Parker\u203b tom@rooted.net\u203bBjoern A. Zeeb\u203b bz@zabbadoz.net",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-3530",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2008-3530",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2008-3530",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#472363",
            "trust": 0.8,
            "value": "2.70"
          },
          {
            "author": "NVD",
            "id": "CVE-2008-3530",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200809-087",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. FreeBSD is prone to a remote denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause the kernel\u0027s TCP stack to panic, denying service to legitimate users. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nForce10 FTOS Routers IPv6 Neighbor Discovery Protocol Vulnerability\n\nSECUNIA ADVISORY ID:\nSA32117\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32117/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSpoofing, Exposure of sensitive information, DoS\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nForce10 FTOS Routers\nhttp://secunia.com/advisories/product/20024/\n\nDESCRIPTION:\nA vulnerability has been reported in Force10 FTOS Routers, which can\nbe exploited by malicious people to conduct spoofing attacks,\ndisclose potentially sensitive information, or to cause a DoS (Denial\nof Service). This can be exploited to add a fake entry to the router\u0027s\nneighbor cache via a neighbor solicitation request containing a\nspoofed IPv6 address. \n\nSuccessful exploitation may allow the interception or disruption of\nnetwork traffic, but requires that the IPv6 nodes involved in the\nattack are using the same router. \n\nSOLUTION:\nThe vendor has reportedly fixed the vulnerability in FTOS version\nE7.7.1.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits David Miles. \n\nORIGINAL ADVISORY:\nhttp://www.kb.cert.org/vuls/id/MAPG-7H2RY7\n\nOTHER REFERENCES:\nUS-CERT VU#472363:\nhttp://www.kb.cert.org/vuls/id/472363\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-08:09.icmp6                                      Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Remote kernel panics on IPv6 connections\n\nCategory:       core\nModule:         sys_netinet6\nAnnounced:      2008-09-03\nCredits:        Tom Parker, Bjoern A. Zeeb\nAffects:        All supported versions of FreeBSD. \nCorrected:      2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE)\n                2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4)\n                2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE)\n                2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4)\nCVE Name:       CVE-2008-3530\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI.   Background\n\nIPv6 nodes use ICMPv6 amongst other things to report errors encountered\nwhile processing packets.  The \u0027Packet Too Big Message\u0027 is sent in\ncase a node cannot forward a packet because the size of the packet is\nlarger than the MTU of next-hop link. \n\nII. \n\nIII.  Workaround\n\nSystems without INET6 / IPv6 support are not vulnerable and neither\nare systems which do not listen on any IPv6 TCP sockets and have no\nactive IPv6 connections. \n\nFilter ICMPv6 \u0027Packet Too Big Messages\u0027 using a firewall, but this\nwill at the same time break PMTU support for IPv6 connections. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 6-STABLE or 7-STABLE, or to the\nRELENG_6_3 or RELENG_7_0 security branch dated after the correction date. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 6.3 and\nFreeBSD 7.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch\n# fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc\n\nb) Apply the patch. \n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:http://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI.  Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch                                                           Revision\n  Path\n- -------------------------------------------------------------------------\nRELENG_6\n  src/sys/netinet6/icmp6.c                                      1.62.2.11\nRELENG_6_3\n  src/UPDATING                                             1.416.2.37.2.9\n  src/sys/conf/newvers.sh                                   1.69.2.15.2.8\n  src/sys/netinet6/icmp6.c                                   1.62.2.9.2.1\nRELENG_7\n  src/sys/netinet6/icmp6.c                                       1.80.2.7\nRELENG_7_0\n  src/UPDATING                                              1.507.2.3.2.8\n  src/sys/conf/newvers.sh                                    1.72.2.5.2.8\n  src/sys/netinet6/icmp6.c                                       1.80.4.1\n- -------------------------------------------------------------------------\n\nVII. References\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3530\n\nThe latest revision of this advisory is available at\nhttp://security.FreeBSD.org/advisories/FreeBSD-SA-08:09.icmp6.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (FreeBSD)\n\niD8DBQFIvu2hFdaIBMps37IRAjxxAJwIIXP+ALAZkvG5m687PC+92BtXTwCfUZdS\nAvvrO0r+UAa6bn1H9mFf9So=\n=MBB1\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      },
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "PACKETSTORM",
        "id": "70557"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-3530",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "31004",
        "trust": 2.7
      },
      {
        "db": "SECUNIA",
        "id": "32401",
        "trust": 2.4
      },
      {
        "db": "SECUNIA",
        "id": "31745",
        "trust": 2.4
      },
      {
        "db": "SECTRACK",
        "id": "1021111",
        "trust": 2.4
      },
      {
        "db": "SECTRACK",
        "id": "1020820",
        "trust": 2.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-0633",
        "trust": 2.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-1297",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "35074",
        "trust": 1.6
      },
      {
        "db": "USCERT",
        "id": "TA09-133A",
        "trust": 1.6
      },
      {
        "db": "XF",
        "id": "44908",
        "trust": 1.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#472363",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306",
        "trust": 0.8
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2009-05-12",
        "trust": 0.6
      },
      {
        "db": "NETBSD",
        "id": "NETBSD-SA2008-015",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "6",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA09-133A",
        "trust": 0.6
      },
      {
        "db": "FREEBSD",
        "id": "FREEBSD-SA-08:09",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "32117",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "70557",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "69619",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "70557"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "id": "VAR-200809-0176",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3892159333333334
  },
  "last_update_date": "2024-09-19T20:20:54.035000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT3549",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3549"
      },
      {
        "title": "HT3467",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3467"
      },
      {
        "title": "HT3467",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3467?viewlocale=ja_JP"
      },
      {
        "title": "HT3549",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT3549?viewlocale=ja_JP"
      },
      {
        "title": "FreeBSD-SA-08:09.icmp6",
        "trust": 0.8,
        "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:09.icmp6.asc"
      },
      {
        "title": "NetBSD-SA2008-015",
        "trust": 0.8,
        "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/32401"
      },
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/31745"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/31004"
      },
      {
        "trust": 2.4,
        "url": "http://www.securitytracker.com/id?1021111"
      },
      {
        "trust": 2.4,
        "url": "http://www.securitytracker.com/id?1020820"
      },
      {
        "trust": 2.4,
        "url": "http://www.vupen.com/english/advisories/2009/0633"
      },
      {
        "trust": 1.9,
        "url": "http://support.apple.com/kb/ht3467"
      },
      {
        "trust": 1.7,
        "url": "http://security.freebsd.org/advisories/freebsd-sa-08:09.icmp6.asc"
      },
      {
        "trust": 1.6,
        "url": "http://www.us-cert.gov/cas/techalerts/ta09-133a.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.vupen.com/english/advisories/2009/1297"
      },
      {
        "trust": 1.6,
        "url": "http://support.apple.com/kb/ht3549"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/35074"
      },
      {
        "trust": 1.6,
        "url": "http://lists.apple.com/archives/security-announce/2009/may/msg00002.html"
      },
      {
        "trust": 1.6,
        "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-015.txt.asc"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/44908"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44908"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3530"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc4861"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc4861#section-2.1"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc2461.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc3756.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc3177.txt"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc3971"
      },
      {
        "trust": 0.8,
        "url": "http://docs.sun.com/app/docs/doc/817-0573/6mgc65bb6?a=view"
      },
      {
        "trust": 0.8,
        "url": "http://msdn.microsoft.com/en-us/library/ms900123.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://en.wikipedia.org/wiki/forwarding_information_base#fibs_in_ingress_filtering_against_denial_of_service"
      },
      {
        "trust": 0.8,
        "url": "http://en.wikipedia.org/wiki/reverse_path_forwarding"
      },
      {
        "trust": 0.8,
        "url": "http://www.openbsd.org/faq/pf/filter.html#antispoof"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3530"
      },
      {
        "trust": 0.3,
        "url": "http://www.freebsd.org/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/binary_analysis/sample_analysis/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/20024/"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/472363"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/mapg-7h2ry7"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32117/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.freebsd.org/handbook/kernelconfig.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:09/icmp6.patch"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3530"
      },
      {
        "trust": 0.1,
        "url": "http://security.freebsd.org/patches/sa-08:09/icmp6.patch.asc"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "70557"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "db": "BID",
        "id": "31004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "db": "PACKETSTORM",
        "id": "70557"
      },
      {
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-10-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "date": "2008-09-03T00:00:00",
        "db": "BID",
        "id": "31004"
      },
      {
        "date": "2009-04-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "date": "2008-10-02T21:01:10",
        "db": "PACKETSTORM",
        "id": "70557"
      },
      {
        "date": "2008-09-04T02:48:27",
        "db": "PACKETSTORM",
        "id": "69619"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "date": "2008-09-05T16:08:00",
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-04-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#472363"
      },
      {
        "date": "2009-05-13T18:46:00",
        "db": "BID",
        "id": "31004"
      },
      {
        "date": "2009-06-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-002306"
      },
      {
        "date": "2009-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      },
      {
        "date": "2017-08-08T01:31:57.420000",
        "db": "NVD",
        "id": "CVE-2008-3530"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IPv6 implementations insecurely update Forwarding Information Base",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#472363"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200809-087"
      }
    ],
    "trust": 0.6
  }
}

Action not permitted

cve-2008-3530

Vulnerability from cvelistv5

ghsa-54hj-xp7v-pcj6

Vulnerability from github

gsd-2008-3530

Vulnerability from gsd

var-200809-0176

Vulnerability from variot

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch

fetch http://security.FreeBSD.org/patches/SA-08:09/icmp6.patch.asc

cd /usr/src

patch < /path/to/patch

Tags