CVE-2011-3605Improper Input Validation in Router Advertisement Daemon

CWE-20Improper Input Validation9 documents8 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 33.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Litech Router Advertisement Daemon
Timeline
PublishedFeb 17
Latest updateMay 17

Description

The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when UnicastOnly is enabled, allows remote attackers to cause a denial of service (temporary service hang) via a large number of ND_ROUTER_SOLICIT requests.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-36g7-6j5j-3c5c: The process_rs function in the router advertisement daemon (radvd) before 12022-05-17
CVEList
CVE-2011-3605: The process_rs function in the router advertisement daemon (radvd) before 12014-02-17
OSV
CVE-2011-3605: The process_rs function in the router advertisement daemon (radvd) before 12014-02-17

📋Vendor Advisories

3
Ubuntu
radvd vulnerabilities2011-11-10
Red Hat
radvd: temporary denial of service flaw in process_rs()2011-10-04
Debian
CVE-2011-3605: radvd - The process_rs function in the router advertisement daemon (radvd) before 1.8.2,...2011

💬Community

2
Bugzilla
CVE-2011-3601 CVE-2011-3602 CVE-2011-3604 CVE-2011-3605 radvd various flaws [fedora-all]2011-10-07
Bugzilla
CVE-2011-3605 radvd: temporary denial of service flaw in process_rs()2011-10-05
CVE-2011-3605 — Improper Input Validation | cvebase