Vulnerability Description
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netbsd | Netbsd | 4.0 |
Related Weaknesses (CWE)
References
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.ascVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html
- http://www.kb.cert.org/vuls/id/668220US Government Resource
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.ascVendor Advisory
- http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html
- http://www.kb.cert.org/vuls/id/668220US Government Resource
FAQ
What is CVE-2011-1547?
CVE-2011-1547 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corru...
How severe is CVE-2011-1547?
CVE-2011-1547 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1547?
Check the references section above for vendor advisories and patch information. Affected products include: Netbsd Netbsd.