CVE-2006-0388

Current Description

A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice.

Basic Data

Published: January 25, 2006
Last Modified: July 20, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: NONE
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 5.0
Severity: MEDIUM
Exploitability Score: 10.0
Impact Score: 2.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
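    | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
    | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
    | 2.3 | OS | Freebsd | Freebsd | 5.3 | * | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.3 | release | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.3 | releng | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.3 | stable | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.4 | pre-release | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.4 | release | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 5.4 | releng | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 6.0 | release | * | * | * | * | * | * | | | | |
    | 2.3 | OS | Freebsd | Freebsd | 6.0 | stable | * | * | * | * | * | * | | | | |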

Vulnerable Software List

| Vendor | Product | Versions |
| --- | --- | --- |
| Freebsd | Freebsd | 5.3, 5.4, 6.0 |

References

| Name | Source | URL | Tags |
| --- | --- | --- | --- |
| FreeBSD-SA-06:07 | FREEBSD | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc | Patch |
| NetBSD-SA2006-004 | NETBSD | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-004.txt.asc | |
| 18609 | SECUNIA | http://secunia.com/advisories/18609 | Patch, Vendor Advisory |
| 1015542 | SECTRACK | http://securitytracker.com/id?1015542 | |
| http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 | CONFIRM | http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 | |
| 22732 | OSVDB | http://www.osvdb.org/22732 | |
| 16375 | BID | http://www.securityfocus.com/bid/16375 | |
| bsd-pf-fragment-dos(24337) | XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/24337 | |