Vulnerability Report

CVE-2007-2242

Title: Ietf Ipv6 Denial of Service (DoS)

Denial of Service (DoS)

Proof Of Concept

No public PoC currently indexed for CVE-2007-2242.

CWE Category NVD-CWE-noinfo

Published Date Apr 25, 2007

Modified Date Apr 09, 2025

Exploit Status Not Found

Score 7.8 CVSS v2.0

Exploit Probability (EPSS)

33.38%

Vulnerability Summary

CVE-2007-2242: The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.

Impacted Vendors

ietf 1

Reference Links

http://docs.info.apple.com/article.html?artnum=305712 http://docs.info.apple.com/article.html?artnum=306375 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://openbsd.org/errata39.html#022_route6 http://openbsd.org/errata40.html#012_route6 http://secunia.com/advisories/24978 http://secunia.com/advisories/25033 http://secunia.com/advisories/25068 http://secunia.com/advisories/25083 http://secunia.com/advisories/25288 http://secunia.com/advisories/25691 http://secunia.com/advisories/25770 http://secunia.com/advisories/26133 http://secunia.com/advisories/26620 http://secunia.com/advisories/26651 http://secunia.com/advisories/26664 http://secunia.com/advisories/26703 http://secunia.com/advisories/28806 http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc http://www.kb.cert.org/vuls/id/267289 http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 http://www.novell.com/linux/security/advisories/2007_51_kernel.html http://www.redhat.com/support/errata/RHSA-2007-0347.html http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf http://www.securityfocus.com/archive/1/467939/30/6690/threaded http://www.securityfocus.com/archive/1/471457 http://www.securityfocus.com/bid/23615 http://www.securitytracker.com/id?1017949 http://www.ubuntu.com/usn/usn-486-1 http://www.ubuntu.com/usn/usn-508-1 http://www.vupen.com/english/advisories/2007/1563 http://www.vupen.com/english/advisories/2007/2270 http://www.vupen.com/english/advisories/2007/3050 https://exchange.xforce.ibmcloud.com/vulnerabilities/33851 https://issues.rpath.com/browse/RPL-1310 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574 http://docs.info.apple.com/article.html?artnum=305712 http://docs.info.apple.com/article.html?artnum=306375 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://openbsd.org/errata39.html#022_route6 http://openbsd.org/errata40.html#012_route6 http://secunia.com/advisories/24978 http://secunia.com/advisories/25033 http://secunia.com/advisories/25068 http://secunia.com/advisories/25083 http://secunia.com/advisories/25288 http://secunia.com/advisories/25691 http://secunia.com/advisories/25770 http://secunia.com/advisories/26133 http://secunia.com/advisories/26620 http://secunia.com/advisories/26651 http://secunia.com/advisories/26664 http://secunia.com/advisories/26703 http://secunia.com/advisories/28806 http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc http://www.kb.cert.org/vuls/id/267289 http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 http://www.novell.com/linux/security/advisories/2007_51_kernel.html http://www.redhat.com/support/errata/RHSA-2007-0347.html http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf http://www.securityfocus.com/archive/1/467939/30/6690/threaded http://www.securityfocus.com/archive/1/471457 http://www.securityfocus.com/bid/23615 http://www.securitytracker.com/id?1017949 http://www.ubuntu.com/usn/usn-486-1 http://www.ubuntu.com/usn/usn-508-1 http://www.vupen.com/english/advisories/2007/1563 http://www.vupen.com/english/advisories/2007/2270 http://www.vupen.com/english/advisories/2007/3050 https://exchange.xforce.ibmcloud.com/vulnerabilities/33851 https://issues.rpath.com/browse/RPL-1310 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.8

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:N/I:N/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2007-2242 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 09, 2025 MODIFIED

Vulnerability data or affected products updated.

April 25, 2007 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:N/I:N/A:C

Affected Stack

No specific products linked.