FreeBSD : FreeBSD -- Denial of Service with IPv6 Router Advertisements (0bb55a18-600a-11e6-a6c3-14dae9d210b8)

Medium Nessus Plugin ID 92888


The remote FreeBSD host is missing one or more security-related updates.


The Neighbor Discover Protocol allows a local router to advertise a suggested Current Hop Limit value of a link, which will replace Current Hop Limit on an interface connected to the link on the FreeBSD system. Impact : When the Current Hop Limit (similar to IPv4's TTL) is small, IPv6 packets may get dropped before they reached their destinations.

By sending specifically crafted Router Advertisement packets, an attacker on the local network can cause the FreeBSD system to lose the ability to communicate with another IPv6 node on a different network.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 92888

File Name: freebsd_pkg_0bb55a18600a11e6a6c314dae9d210b8.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2016/08/12

Modified: 2016/08/12

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD-kernel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/08/11

Vulnerability Publication Date: 2015/04/07

Reference Information

CVE: CVE-2015-2923

BID: 74713

FreeBSD: SA-15:09.ipv6