FreeBSD : FreeBSD -- routed(8) remote denial of service vulnerability (0d584493-600a-11e6-a6c3-14dae9d210b8)

Medium Nessus Plugin ID 92893


The remote FreeBSD host is missing one or more security-related updates.


The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Impact : Upon receipt of a query from a source which is not on a directly connected network, routed(8) will trigger an assertion and terminate. The affected system's routing table will no longer be updated. If the affected system is a router, its routes will eventually expire from other routers' routing tables, and its networks will no longer be reachable unless they are also connected to another router.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 92893

File Name: freebsd_pkg_0d584493600a11e6a6c314dae9d210b8.nasl

Version: 2.3

Type: local

Published: 2016/08/12

Modified: 2018/03/19

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P


Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 2016/08/11

Vulnerability Publication Date: 2015/08/05

Reference Information

CVE: CVE-2015-5674

FreeBSD: SA-15:19.routed