CVE Vulnerabilities

CVE-2003-0653

Published: Aug 27, 2003 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required PKTHDR mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.

Affected Software

Name Vendor Start Version End Version
Netbsd Netbsd 1.5 1.5
Netbsd Netbsd 1.5.1 1.5.1
Netbsd Netbsd 1.5.2 1.5.2
Netbsd Netbsd 1.5.3 1.5.3
Netbsd Netbsd 1.6 1.6
Netbsd Netbsd 1.6.1 1.6.1

References