CVE-2011-3601

EUVD-2011-3560
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
litechrouter_advertisement_daemon
𝑥
≤ 1.8.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
radvd
bookworm
1:2.19-1
fixed
bullseye
1:2.18-3
fixed
lenny
not-affected
sid
1:2.19-2.1
fixed
squeeze
not-affected
trixie
1:2.19-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
radvd
hardy
ignored
lucid
not-affected
maverick
not-affected
natty
Fixed 1:1.7-1ubuntu0.1
released
oneiric
Fixed 1:1.8-1ubuntu0.1
released
Common Weakness Enumeration
References
http://www.litech.org/radvd/CHANGES
http://www.openwall.com/lists/oss-security/2011/10/06/3
http://www.ubuntu.com/usn/USN-1257-1
http://www.litech.org/radvd/CHANGES
http://www.openwall.com/lists/oss-security/2011/10/06/3
http://www.ubuntu.com/usn/USN-1257-1