Test ID:	1.3.6.1.4.1.25623.1.0.58247
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Security Advisory (FreeBSD-SA-07:03.ipv6.asc)
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-07:03.ipv6.asc
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:03.ipv6.asc Vulnerability Insight: IPv6 provides a routing header option which allows a packet sender to indicate how the packet should be routed, overriding the routing knowledge present in a network. This functionality is roughly equivalent to the source routing option in IPv4. All nodes in an IPv6 network -- both routers and hosts -- are required by RFC 2640 to process such headers. There is no mechanism for preventing IPv6 routing headers from being used to route packets over the same link(s) many times. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2242 BugTraq ID: 23615 http://www.securityfocus.com/bid/23615 Bugtraq: 20070508 FLEA-2007-0016-1: kernel (Google Search) http://www.securityfocus.com/archive/1/467939/30/6690/threaded Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search) http://www.securityfocus.com/archive/1/471457 CERT/CC vulnerability note: VU#267289 http://www.kb.cert.org/vuls/id/267289 FreeBSD Security Advisory: FreeBSD-SA-07:03.ipv6 http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf OpenBSD Security Advisory: [3.9] 20070423 022: SECURITY FIX: April 23, 2007 http://openbsd.org/errata39.html#022_route6 OpenBSD Security Advisory: [4.0] 20070423 012: SECURITY FIX: April 23, 2007 http://openbsd.org/errata40.html#012_route6 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574 http://www.redhat.com/support/errata/RHSA-2007-0347.html http://www.securitytracker.com/id?1017949 http://secunia.com/advisories/24978 http://secunia.com/advisories/25033 http://secunia.com/advisories/25068 http://secunia.com/advisories/25083 http://secunia.com/advisories/25288 http://secunia.com/advisories/25691 http://secunia.com/advisories/25770 http://secunia.com/advisories/26133 http://secunia.com/advisories/26620 http://secunia.com/advisories/26651 http://secunia.com/advisories/26664 http://secunia.com/advisories/26703 http://secunia.com/advisories/28806 SuSE Security Announcement: SUSE-SA:2007:051 (Google Search) http://www.novell.com/linux/security/advisories/2007_51_kernel.html SuSE Security Announcement: SUSE-SA:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://www.ubuntu.com/usn/usn-486-1 http://www.ubuntu.com/usn/usn-508-1 http://www.vupen.com/english/advisories/2007/1563 http://www.vupen.com/english/advisories/2007/2270 http://www.vupen.com/english/advisories/2007/3050 XForce ISS Database: openbsd-ipv6-type0-dos(33851) https://exchange.xforce.ibmcloud.com/vulnerabilities/33851
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.