Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
pf incorrectly handles multiple IPv6 fragment headers
Vulnerability Description
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is. As a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.
CVSS Information
N/A
Vulnerability Type
附加特殊元素净化处理不恰当
Vulnerability Title
FreeBSD 安全漏洞
Vulnerability Description
FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞,该漏洞源于IPv6片段可能会绕过基于假设所有片段均已重新组装而编写的防火墙规则,并因此由主机转发或处理。
CVSS Information
N/A
Vulnerability Type
N/A