CVE-2015-2923

Опубликовано: 20 фев. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 3.3

EPSS Низкий

Описание

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Ссылки

http://openwall.com/lists/oss-security/2015/04/04/2
Mailing List
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
Patch
Third Party Advisory
https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html
Mailing List
Vendor Advisory
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:09.ipv6.asc
Mitigation
Vendor Advisory
http://openwall.com/lists/oss-security/2015/04/04/2
Mailing List
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
Patch
Third Party Advisory
https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html
Mailing List
Vendor Advisory
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:09.ipv6.asc
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

Версия до 10.1 (исключая)

EPSS

Процентиль: 80%

0.01374

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2015-2923

CVSS3: 6.5

ubuntu

почти 6 лет назад

CVE-2015-2923

CVSS3: 6.5

debian

почти 6 лет назад

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack ...

GHSA-vgpp-7j95-7pmj

github

больше 3 лет назад

EPSS

Процентиль: 80%

0.01374

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-20