CVE-2011-2393

NameCVE-2011-2393
DescriptionThe Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
NVD severityhigh (attack range: remote)
Debian Bugs684072
Debian/oldstablepackage kfreebsd-8 is vulnerable.
Debian/stablepackages kfreebsd-8, kfreebsd-9 are vulnerable.
Debian/testingpackage kfreebsd-10 is vulnerable.
Debian/unstablepackage kfreebsd-10 is vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kfreebsd-10 (PTS)jessie, sid10.1~svn274115-3vulnerable
kfreebsd-8 (PTS)squeeze8.1+dfsg-8+squeeze4vulnerable
squeeze (security)8.1+dfsg-8+squeeze3vulnerable
wheezy8.3-6+deb7u1vulnerable
kfreebsd-9 (PTS)wheezy9.0-10+deb70.7vulnerable
wheezy (security)9.0-10+deb70.9vulnerable

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kfreebsd-10source(unstable)(unfixed)low
kfreebsd-7source(unstable)(unfixed)low
kfreebsd-8source(unstable)(unfixed)low
kfreebsd-9source(unstable)(unfixed)low684072

Notes

[squeeze] - kfreebsd-8 <no-dsa> (Minor issue)
[wheezy] - kfreebsd-8 <no-dsa> (Minor issue)
[squeeze] - kfreebsd-9 <no-dsa> (Minor issue)
[wheezy] - kfreebsd-9 <no-dsa> (Minor issue)
[jessie] - kfreebsd-10 <no-dsa> (Minor issue)
http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt
Search for package or bug name: Reporting problems