OpenBSD.Packet.Filter.IPv6.Fragmentation.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in OpenBSD Project OpenBSD.
Thus, a remote, unauthenticated attacker could exploit this vulnerability by sending crafted IPv6 fragments to the target server. Successful exploitation could allow an attacker to bypass various packet filter rules or cause denial-of-service conditions.
Affected Products
FreeBSD Project FreeBSD 11.2-RELEASE prior to 11.2-RELEASE-p10
FreeBSD Project FreeBSD 11.3-PRERELEASE prior to r347591
FreeBSD Project FreeBSD 12.0-RELEASE prior to 12.0-RELEASE-p4
OpenBSD Project OpenBSD 5.0 to 6.4
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://ftp.openbsd.org/pub/OpenBSD/patches/6.4/common/014_pf6frag.patch.sig
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |