FreeBSD : openvswitch -- MPLS buffer overflow (b53bbf58-257f-11e6-9f4d-20cf30e32f6d)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Open vSwitch reports :

Multiple versions of Open vSwitch are vulnerable to remote buffer
overflow attacks, in which crafted MPLS packets could overflow the
buffer reserved for MPLS labels in an OVS internal data structure. The
MPLS packets that trigger the vulnerability and the potential for
exploitation vary depending on version :

Open vSwitch 2.1.x and earlier are not vulnerable.

In Open vSwitch 2.2.x and 2.3.x, the MPLS buffer overflow can be
exploited for arbitrary remote code execution.

In Open vSwitch 2.4.x, the MPLS buffer overflow does not obviously
lead to a remote code execution exploit, but testing shows that it can
allow a remote denial of service. See the mitigation section for
details.

Open vSwitch 2.5.x is not vulnerable.

See also :

http://openvswitch.org/pipermail/announce/2016-March/000082.html
http://openvswitch.org/pipermail/announce/2016-March/000083.html
http://www.nessus.org/u?a7d41b75

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 91375 ()

Bugtraq ID:

CVE ID: CVE-2016-2074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now