National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2007-2242 Detail

Description

The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.

Source:  MITRE      Last Modified:  04/25/2007

Quick Info

CVE Dictionary Entry:
CVE-2007-2242
Original release date:
04/25/2007
Last revised:
10/10/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
7.8 HIGH
Vector:
(AV:N/AC:L/Au:N/C:N/I:N/A:C) (legend)
Impact Subscore:
6.9
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Low
Authentication:
Not required to exploit
Impact Type:
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://docs.info.apple.com/article.html?artnum=305712 External Source CONFIRM http://docs.info.apple.com/article.html?artnum=305712
http://docs.info.apple.com/article.html?artnum=306375 External Source CONFIRM http://docs.info.apple.com/article.html?artnum=306375
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html External Source SUSE SUSE-SA:2008:006
http://openbsd.org/errata39.html#022_route6 External Source OPENBSD [3.9] 20070423 022: SECURITY FIX: April 23, 2007
http://openbsd.org/errata40.html#012_route6 External Source OPENBSD [4.0] 20070423 012: SECURITY FIX: April 23, 2007
http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc External Source FREEBSD FreeBSD-SA-07:03.ipv6
http://www.kb.cert.org/vuls/id/267289 US Government Resource External Source CERT-VN VU#267289
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 External Source MANDRIVA MDKSA-2007:171
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 External Source MANDRIVA MDKSA-2007:196
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 External Source MANDRIVA MDKSA-2007:216
http://www.novell.com/linux/security/advisories/2007_51_kernel.html External Source SUSE SUSE-SA:2007:051
http://www.redhat.com/support/errata/RHSA-2007-0347.html External Source REDHAT RHSA-2007:0347
http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf External Source MISC http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
http://www.securityfocus.com/archive/1/471457 External Source BUGTRAQ 20070615 rPSA-2007-0124-1 kernel xen
http://www.securityfocus.com/archive/1/archive/1/467939/30/6690/threaded External Source BUGTRAQ 20070508 FLEA-2007-0016-1: kernel
http://www.securityfocus.com/bid/23615 Patch External Source BID 23615
http://www.securitytracker.com/id?1017949 External Source SECTRACK 1017949
http://www.ubuntu.com/usn/usn-486-1 External Source UBUNTU USN-486-1
http://www.ubuntu.com/usn/usn-508-1 External Source UBUNTU USN-508-1
http://www.vupen.com/english/advisories/2007/1563 External Source VUPEN ADV-2007-1563
http://www.vupen.com/english/advisories/2007/2270 External Source VUPEN ADV-2007-2270
http://www.vupen.com/english/advisories/2007/3050 External Source VUPEN ADV-2007-3050
https://exchange.xforce.ibmcloud.com/vulnerabilities/33851 External Source XF openbsd-ipv6-type0-dos(33851)
https://issues.rpath.com/browse/RPL-1310 External Source CONFIRM https://issues.rpath.com/browse/RPL-1310
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574 External Source OVAL oval:org.mitre.oval:def:9574

References to Check Content

Identifier:
oval:org.mitre.oval:def:9574
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9574

Technical Details

Vulnerability Type (View All)

Change History 4 change records found - show changes