Executive Summary
Summary | |
---|---|
Title | IPv6 implementations insecurely update Forwarding Information Base |
Information | |||
---|---|---|---|
Name | VU#472363 | First vendor Publication | 2008-10-02 |
Vendor | VU-CERT | Last vendor Modification | 2009-01-12 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Vulnerability Note VU#472363
IPv6 implementations insecurely update Forwarding Information Base

Overview
A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded.

I. Description
IPv6 networks use the Neighbor Discovery Protocol (NDP) to detect and locate routers and other on-link IPv6 nodes. NDP uses ICMPv6 types 133, 134, 135, and 136. Neighbor solicitation (type 135) messages are used by NDP to discover and determine the reachability of nearby IPv6 nodes. Nodes that can send each other NDP messages are considered to be on-link (as per RFC 4861).

After receiving a neighbor solicitation request from a system that is on-link and is using a spoofed IPv6 address as the source address, a router will create a neighbor cache entry. When this entry is made, some IPv6 implementations will create a Forwarding Information Base (FIB) entry. This FIB entry may cause the router to incorrectly forward traffic to the device that sent the original spoofed neighbor solicitation request.

Block packets with illogical source addresses
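
The source-address check implied by the description above, as an added example (not code from the vulnerability note or from any vendor's fix): before a Neighbor Solicitation is allowed to create a neighbor cache entry, the receiver confirms that the source address is plausible for the receiving interface. The function name, the prefix list and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("fe80::/10")
UNSPECIFIED = ipaddress.ip_address("::")


def ns_source_decision(src, onlink_prefixes):
    """Classify the source of a received Neighbor Solicitation (ICMPv6 type 135).

    Returns one of:
      "dad"    - source is :: (Duplicate Address Detection probe); it may be
                 answered, but no neighbor cache entry is created for it
      "accept" - source is link-local or inside a prefix configured as
                 on-link for the receiving interface
      "drop"   - source is off-link for this interface; a neighbor cache
                 (and FIB) entry for it would redirect that address's traffic
    """
    addr = ipaddress.ip_address(src)
    if addr.version != 6 or addr.is_multicast:
        return "drop"
    if addr == UNSPECIFIED:
        return "dad"
    if addr in LINK_LOCAL:
        return "accept"
    for prefix in onlink_prefixes:
        if addr in ipaddress.ip_network(prefix):
            return "accept"
    return "drop"


# Constructed sample: one interface with a single on-link prefix
# (documentation address range, hypothetical topology).
IFACE_PREFIXES = ["2001:db8:1::/64"]

SAMPLES = [
    "fe80::1",           # link-local neighbor
    "2001:db8:1::25",    # inside the on-link prefix
    "::",                # DAD probe
    "2001:db8:ffff::1",  # source that belongs to a different network
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:20} -> {ns_source_decision(s, IFACE_PREFIXES)}")
```
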
References
Thanks to David Miles for reporting this vulnerability. Numerous vendors and others also provided technical information that was used in this report. This document was written by Ryan Giobbi, Evan Wright, Chad Dougherty, and Art Manion.
Original Source
Url : http://www.kb.cert.org/vuls/id/472363 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5670 | |||
Oval ID: | oval:org.mitre.oval:def:5670 | ||
Title: | HP-UX Running IPv6, Remote Denial of Service (DoS) and Unauthorized Access | ||
Description: | The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2476 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 2 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 2 | |
Os | 5 |
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for IPv6 HPSBUX02407 File : nvt/gb_hp_ux_HPSBUX02407.nasl |
2008-10-03 | Name : FreeBSD Security Advisory (FreeBSD-SA-08:10.nd6.asc) File : nvt/freebsdsa_nd6.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52494 | Apple Multiple Products IPv6 Neighbor Discovery Protocol Neighbor Solicitatio... |
49407 | NetBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing |
48991 | IBM zSeries IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing |
48989 | Juniper Multiple Products IPv6 Neighbor Discovery Protocol Neighbor Solicitat... |
48745 | Force10 FTOS Routers IPv6 Neighbor Discovery Protocol Neighbor Solicitation S... |
48744 | OpenBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing |
48702 | FreeBSD IPv6 Neighbor Discovery Protocol Neighbor Solicitation Spoofing |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-10-09 | IAVM : 2008-B-0070 - Multiple Vendors IPv6 Neighbor Discovery Protocol Spoofing Vulnerability Severity : Category II - VMSKEY : V0017557 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-01-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9528.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_37897.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_37898.nasl - Type : ACT_GATHER_INFO |
2009-02-12 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_38680.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2016-01-29 13:26:20 |