VDB
CVE-2011-1547
CVE-2011-1547
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
EPSS 38.43% · 97.3th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
38.43%
97.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| netbsd | netbsd | 4.0, 5.0.1, 5.0.2 |
| n/a | n/a | * |
Timeline
- Apr 1, 2011 CVE Published
- Apr 2, 2011 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- VU#668220 third-party-advisory
- NetBSD-SA2011-004 vendor-advisory
- 20110401 BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2011-1547 advisory