Intrusion Prevention

FreeBSD.rtsold.dname_labeldec.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Stack-based Buffer Overflow vulnerability in FreeBSD Kernel.
The vulnerability is caused by an error when the vulnerable software handles maliciously crafted Router Advertisement packets. A remote attacker may be able to exploit this to execute arbitrary code within the context of the affected server.

Affected Products

FreeBSD Project FreeBSD prior to releng/10.0, 10.0-RELEASE-p10
FreeBSD Project FreeBSD prior to releng/10.1, 10.1-BETA3-p1
FreeBSD Project FreeBSD prior to releng/10.1, 10.1-RC1-p1
FreeBSD Project FreeBSD prior to releng/10.1, 10.1-RC2-p1
FreeBSD Project FreeBSD prior to releng/9.1, 9.1-RELEASE-p20
FreeBSD Project FreeBSD prior to releng/9.2, 9.2-RELEASE-p13
FreeBSD Project FreeBSD prior to releng/9.3, 9.3-RELEASE-p3
FreeBSD Project FreeBSD prior to stable/10, 10.1-PRERELEASE
FreeBSD Project FreeBSD prior to stable/9, 9.3-STABLE

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Apply the latest update from the vendor
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc

CVE References

CVE-2014-3954