vulnerability

FreeBSD: FreeBSD -- SCTP ICMPv6 error message vulnerability (FreeBSD-SA-16:01.sctp) (CVE-2016-1879)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Jan 29, 2016	Aug 12, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Jan 29, 2016

Added

Aug 12, 2016

Modified

Oct 30, 2017

Description

The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.

Solutions

freebsd-upgrade-base-10_1-release-p26freebsd-upgrade-base-10_2-release-p9freebsd-upgrade-base-9_3-release-p33

References

CVE-2016-1879
https://attackerkb.com/topics/CVE-2016-1879

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today