Multiple Vendors IPv6 Neighbor Discovery Protocol Implementation Address Spoofing Vulnerability
Schweregrad: : Crítico
Identificador(es) CVE: : CVE-2008-2476
Data do informe: 21 julho 2015
Descrição
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
Exposição das informações
Apply associated Trend Micro DPI Rules.
Software infectado e versão:
- force10 ftos
- freebsd freebsd 6.3
- freebsd freebsd 7.1
- juniper jnos
- netbsd netbsd
- openbsd openbsd 4.2
- openbsd openbsd 4.3
- windriver vxworks 5
- windriver vxworks 5.5
- windriver vxworks 6.4