CVE-2009-0346

OpenSolaris snv_01-snv_85 - Denial of Service via Self-Encapsulated IP-in-IP Packet

Title source: llm

Description

The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.

References (8)

Core 8

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-240086-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/33727

Patch x_refsource_confirm

http://sunsolve.sun.com/search/document.do?assetkey=1-21-114344-38-1

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2009-043.htm

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6088

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48328

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/0365

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/33504

Scores

EPSS 0.0004

EPSS Percentile 14.1%

Details

CWE

CWE-310

Status published

Products (25)

sun/opensolaris snv_01 (2 CPE variants)

sun/opensolaris snv_02 (2 CPE variants)

sun/opensolaris snv_03 (2 CPE variants)

sun/opensolaris snv_04 (2 CPE variants)

sun/opensolaris snv_05 (2 CPE variants)

sun/opensolaris snv_06 (2 CPE variants)

sun/opensolaris snv_07 (2 CPE variants)

sun/opensolaris snv_08 (2 CPE variants)

sun/opensolaris snv_09 (2 CPE variants)

sun/opensolaris snv_10 (2 CPE variants)

... and 15 more

Published Jan 29, 2009

Tracked Since Feb 18, 2026