#VU45055 Buffer overflow in NetBSD - CVE-2011-1547
Published: May 9, 2011 / Updated: August 11, 2020
Vulnerability identifier: #VU45055
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green
CVE-ID: CVE-2011-1547
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
NetBSD
NetBSD
Software vendor:
NetBSD Foundation, Inc
NetBSD Foundation, Inc
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
Remediation
Install update from vendor's website.