Description
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU.
References (5)
Core 5
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35285
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/51044
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022367
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35410
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
http://security.FreeBSD.org/advisories/FreeBSD-SA-09:10.ipv6.asc
Scores
EPSS
0.0004
EPSS Percentile
13.3%
Details
CWE
CWE-264
Status
published
Products (5)
freebsd/freebsd
6.3 (6 CPE variants)
freebsd/freebsd
6.3_releng
freebsd/freebsd
6.4 (7 CPE variants)
freebsd/freebsd
7.1 (9 CPE variants)
freebsd/freebsd
7.2 (3 CPE variants)
Published
Jun 25, 2009
Tracked Since
Feb 18, 2026