Vulnerability-Lookup

CNVD-2016-00682

Vulnerability from cnvd - Published: 2016-01-29

Title

FreeBSD ICMP v6 SCTP包头拒绝服务漏洞

Description

FreeBSD是由Core Team团队负责的FreeBSD项目中的一套类Unix自由操作系统。 FreeBSD ICMP v6 SCTP包头存在拒绝服务漏洞，该漏洞产生的原因是，未能正确处理SCTP协议的包头，当接收来自ICMPv6的错误信息时就会触发该漏洞。允许攻击者通过发送特制ICMPv6报文的形式，进行拒绝服务攻击。

Severity

中

Patch Name

FreeBSD ICMP v6 SCTP包头拒绝服务漏洞的补丁

Patch Description

Formal description

目前厂商已经发布升级补丁/版本以修复这个安全问题，请用户及时下载更新： https://security.freebsd.org/patches/SA-16:01/sctp.patch

Reference

http://blog.ptsecurity.com/2016/01/severe-vulnerabilities-detected-in.html

Impacted products

Name
['FreeBSD FreeBSD 10.1', 'FreeBSD FreeBSD 9.3', 'FreeBSD FreeBSD 10.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1879"
    }
  },
  "description": "FreeBSD\u662f\u7531Core Team\u56e2\u961f\u8d1f\u8d23\u7684FreeBSD\u9879\u76ee\u4e2d\u7684\u4e00\u5957\u7c7bUnix\u81ea\u7531\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nFreeBSD ICMP v6 SCTP\u5305\u5934\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\uff0c\u672a\u80fd\u6b63\u786e\u5904\u7406SCTP\u534f\u8bae\u7684\u5305\u5934\uff0c\u5f53\u63a5\u6536\u6765\u81eaICMPv6\u7684\u9519\u8bef\u4fe1\u606f\u65f6\u5c31\u4f1a\u89e6\u53d1\u8be5\u6f0f\u6d1e\u3002\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u7279\u5236ICMPv6\u62a5\u6587\u7684\u5f62\u5f0f\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Root",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u5347\u7ea7\u8865\u4e01/\u7248\u672c\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u7528\u6237\u53ca\u65f6\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://security.freebsd.org/patches/SA-16:01/sctp.patch",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00682",
  "openTime": "2016-01-29",
  "patchDescription": "FreeBSD\u662f\u7531Core Team\u56e2\u961f\u8d1f\u8d23\u7684FreeBSD\u9879\u76ee\u4e2d\u7684\u4e00\u5957\u7c7bUnix\u81ea\u7531\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nFreeBSD ICMP v6 SCTP\u5305\u5934\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\uff0c\u672a\u80fd\u6b63\u786e\u5904\u7406SCTP\u534f\u8bae\u7684\u5305\u5934\uff0c\u5f53\u63a5\u6536\u6765\u81eaICMPv6\u7684\u9519\u8bef\u4fe1\u606f\u65f6\u5c31\u4f1a\u89e6\u53d1\u8be5\u6f0f\u6d1e\u3002\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u53d1\u9001\u7279\u5236ICMPv6\u62a5\u6587\u7684\u5f62\u5f0f\uff0c\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "FreeBSD ICMP v6 SCTP\u5305\u5934\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "FreeBSD FreeBSD 10.1",
      "FreeBSD FreeBSD 9.3",
      "FreeBSD FreeBSD 10.2"
    ]
  },
  "referenceLink": "http://blog.ptsecurity.com/2016/01/severe-vulnerabilities-detected-in.html",
  "serverity": "\u4e2d",
  "submitTime": "2016-01-26",
  "title": "FreeBSD ICMP v6 SCTP\u5305\u5934\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2016-1879 (GCVE-0-2016-1879)

Vulnerability from cvelistv5 – Published: 2016-01-29 19:00 – Updated: 2024-08-05 23:10

Summary

The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

4 references

URL	Tags
https://www.exploit-db.com/exploits/39305/	exploitx_refsource_EXPLOIT-DB
https://www.freebsd.org/security/advisories/FreeB…	vendor-advisoryx_refsource_FREEBSD
http://www.securitytracker.com/id/1034673	vdb-entryx_refsource_SECTRACK
http://packetstormsecurity.com/files/135369/FreeB…	x_refsource_MISC

Date Public

2016-01-14 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:10:39.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39305",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39305/"
          },
          {
            "name": "FreeBSD-SA-16:01",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc"
          },
          {
            "name": "1034673",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034673"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/135369/FreeBSD-SCTP-ICMPv6-Denial-Of-Service.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-09T09:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "39305",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39305/"
        },
        {
          "name": "FreeBSD-SA-16:01",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc"
        },
        {
          "name": "1034673",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034673"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/135369/FreeBSD-SCTP-ICMPv6-Denial-Of-Service.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1879",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "39305",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39305/"
            },
            {
              "name": "FreeBSD-SA-16:01",
              "refsource": "FREEBSD",
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc"
            },
            {
              "name": "1034673",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034673"
            },
            {
              "name": "http://packetstormsecurity.com/files/135369/FreeBSD-SCTP-ICMPv6-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/135369/FreeBSD-SCTP-ICMPv6-Denial-Of-Service.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-1879",
    "datePublished": "2016-01-29T19:00:00.000Z",
    "dateReserved": "2016-01-13T00:00:00.000Z",
    "dateUpdated": "2024-08-05T23:10:39.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-00682

CVE-2016-1879 (GCVE-0-2016-1879)

Tags

Sightings

Nomenclature