What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service

TITLE:
KAME Project "ipcomp6_input()" Denial of Service

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
>From remote

DESCRIPTION:
A vulnerability has been reported in the KAME Project, which
can be
exploited by malicious people to cause a DoS (Denial of
Service).

The vulnerability is caused due to an error within the
"ipcomp6_input()" function in
kame/sys/netinet6/ipcomp_input.c when
processing IPv6 packets with an IPComp header. This can be
exploited
to crash a vulnerable system by sending a specially crafted
IPv6
packet.

SOLUTION:
Fixed in the CVS repository.
http://www.kame.ne
t/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ipcomp_input.c.diff
?r1=1.36;r2=1.37

PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Shoichi Sakane.
NetBSD credits the Coverity Prevent analysis tool.

ORIGINAL ADVISORY:
US-CERT VU#110947:
http://www.kb.c
ert.org/vuls/id/110947

_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-secu
rity
To unsubscribe, send any mail to
"freebsd-security-unsubscribefreebsd.org"

MOHACSI JANOS <MOHACSINIIF.HU> WRITES:
> ORIGINAL ADVISORY:
> US-CERT VU#110947:
> HTTP://WWW.KB.CERT.ORG/VULS/ID/110947

AS FAR AS I CAN TELL, FREEBSD'S IPCOMP IMPLEMENTATION IS NOT
FROM KAME,
BUT FROM OPENBSD, WITH SIGNIFICANT LOCAL CHANGES.

DES
-- 
DAG-ERLING SMøRGRAV - DESDES.NO
_______________________________________________
FREEBSD-SECURITYFREEBSD.ORG MAILING LIST
HTTP://LISTS.FREEBSD.ORG/MAILMAN/LISTINFO/FREEBSD-SECURITY
TO UNSUBSCRIBE, SEND ANY MAIL TO
"FREEBSD-SECURITY-UNSUBSCRIBEFREEBSD.ORG"