Bug#684072: CVE-2011-2393

2015-02-13 Thread Michael Gilbert
control: reopen -1 This was closed with the removal of src:freebsd-9, but there hasn't been any actual upstream activity and no real details to be found anywhere, so it is still likely unfixed in kfreebsd-10. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org wit

Bug#684072: CVE-2011-2393: ICMPv6 Router Announcement flooding DoS

2013-07-29 Thread Steven Chamberlain
On 29/07/13 22:40, Steven Chamberlain wrote: > # ifconfig xn0 ifdisabled > ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument > # ifconfig xn0 -accept_rtadv > ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument Argh, that needs to be: # ifconfig xn0 inet6 ifdisabled # ifconfig xn0 inet6 -accept_rt

Bug#684072: CVE-2011-2393: ICMPv6 Router Announcement flooding DoS

2013-07-29 Thread Steven Chamberlain
On 07/09/12 17:29, Moritz Muehlenhoff wrote: > What about keeping autoconfig enabled and documenting the potential danger in > README.Debian (or somewhere similar), so that anyone concerned can disable > it locally? It looks like we have a bigger problem than this: I was going to simply write in

Bug#684072: CVE-2011-2393: ICMPv6 Router Announcement flooding DoS

2012-09-07 Thread Moritz Muehlenhoff
On Fri, Aug 31, 2012 at 09:06:35PM +0200, Petr Salinger wrote: > forwarded 684072 http://www.freebsd.org/cgi/query-pr.cgi?pr=158726 > -- > > The description of the problem is: > > When flooding the local network with random router advertisements, > hosts and routers update the network informati

Re: Bug#684072: CVE-2011-2393: ICMPv6 Router Announcement flooding DoS

2012-08-31 Thread Steven Chamberlain
Hi Petr, On 31/08/12 20:06, Petr Salinger wrote: > But we have only two choices > > a) allow autoconfiguration and trust the network to provide correct input >for autoconfiguration These are only accepted link-locally, and if someone can flood the link layer with bogus rtadv packets they cou

Bug#684072: CVE-2011-2393: ICMPv6 Router Announcement flooding DoS

2012-08-31 Thread Petr Salinger
forwarded 684072 http://www.freebsd.org/cgi/query-pr.cgi?pr=158726 -- The description of the problem is: When flooding the local network with random router advertisements, hosts and routers update the network information, consuming all available CPU resources, making the systems unusable a

Bug#684072: CVE-2011-2393

2012-08-06 Thread Moritz Muehlenhoff
Package: kfreebsd-9 Severity: important Tags: security Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2393 I'm not sure if there's an upstream fix in the mean time? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org with a subject of "u