The IPv6 Portal · IPv6 news · newsroom

1280x800
1024x768
800x600

You are using IPv4 from 216.73.217.61

Main Headlines
	New IPv6 Book "IPv6 for All"
	Enable project releases Mobility publication
	The Choice: IPv4 Exhaustion or Transition to IPv6

Consulintel: logos

Designed by SuS

SEARCH

Are you a...?

Keep informed, visit our

Tell us your thoughts

on IPv6 > POLL

Looking for an

IPv6 Task Force? >

Questions? > FAQS

Jump to PROJECTS

000 members

036 guests

LOGIN
Password

Not member yet?

Get "extras". Register

Search Bar Plug-in

Firefox IE7

Other News

China Develops Core Router for Next-generation Net

(Apr 03, 2004)

Pannaway Unveils Triple Play Solution

(Apr 03, 2004)

Network Security Symposium 2003

(Apr 03, 2004)

SIPfoundry Opens Online Open Source Development Community

(Apr 03, 2004)

Falling prices to boost DSL use

(Apr 03, 2004)

Our Man In Charge Of IPv6

(Apr 03, 2004)

NetScreen Achieves IPv6 Interop

(Apr 03, 2004)

Advanced Routing Suite Version With Extended IPv6

(Apr 03, 2004)

Optimizing your TCP/IP

(Apr 03, 2004)

FreeBSD IPv6 "setsockopt()" Input Validation Vulnerability

(Mar 30, 2004)

Cisco demos IPv6 readiness

(Mar 30, 2004)

NetScreen Demonstrates IPv6 Solution Interoperability; Secures Testing Site

(Mar 30, 2004)

Interpeak Launches IPv4/IPv6 Protocol Software Suite for Edge Equipment Vendors

(Mar 30, 2004)

FreeBSD IPv6 "setsockopt()" Input Validation Vulnerability
Posted by: Jordi on Tuesday, March 30, 2004 - 08:05 PM
(221140 Reads) comments?
	Katsuhisa ABE and Colin Percival have discovered a vulnerability in FreeBSD, which can be exploited by malicious, local users to gain knowledge of sensitive information or cause a DoS (Denial-of-Service).
	The vulnerability is caused due to an input validation error within the "setsockopt()" system call when handling certain IPv6 socket options. This can be exploited to access portions of kernel memory. Complete information at Secunia.