CERTVU:472363IPv6 implementations insecurely update Forwarding Information Base
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%
Overview
A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded.
Description
IPv6 networks use the Neighbor Discovery Protocol (NDP) to detect and locate routers and other on-link IPv6 nodes. NDP uses ICMPv6 types 133, 134, 135, and 136. Neighbor solicitation (type 135) messages are used by NDP to discover and determine the reachability of nearby IPv6 nodes. Nodes that can send each other NDP messages are considered to be on-link (as per RFC 4861).
After receiving a neighbor solicitation request from a system that is on-link and is using a spoofed IPv6 address as the source address, a router will create a neighbor cache entry. When this entry is made, some IPv6 implementations will create a Forwarding Information Base (FIB) entry. This FIB entry may cause the router to incorrectly forward traffic to the device that sent original spoofed neighbor solicitation request.
Note that an attacker must have IPv6 connectivity to the same router as their target for this vulnerability to be exploited. Although this vulnerability has only a local attack vector (NDP messages are not forwarded by routers), flat IPv6 networks can include many hosts and may cover large geographical distances as compared to IPv4 networks.
Similar problems to this issue have been discussed in RFC 3756 “IPv6 Neighbor Discovery (ND) Trust Models and Threats.”
Impact
An attacker may be able to intercept private network traffic. Receiving the traffic may cause links to become congested or saturated due to the additional bandwidth. Administrators are encouraged to read RFC 3756 for more information about other possible vulnerabilities and impacts.
Solution
Consider the workarounds below and consult your vendor.
Block packets with illogical source addresses
Blocking traffic that originates from unlikely or illogical source addresses (such as addresses which are not on-link or logically part of a network assigned to an interface, such as the antispoof keyword in pf) will protect against this vulnerability. This workaround may cause unintended side-effects such as breaking some non-typical configurations. Vendors may also implement this workaround as a fix.
Use application layer encryption
Applications that use secure authentication and encryption such as https, ssh, and ipsec can mitigate this vulnerability by preventing an attacker from intercepting or parsing any data that received. Note that an attacker will probably still be able to blackhole IP addresses resulting in a local denial of service regardless of the authentication or encryption methods used. As noted in RFC 3971, it is non-trivial to use ipsec to protect the integrity of NDP messages.
Design and deploy segmented networks
In a single IPv6 prefix there are certain trust asumptions and if the same IP range is shared all clients will be considered on-link. Segmenting networks will reduce the likelihood of this and similar vulnerabilities from being exploited. Networks can be segmented by assigning unique prefixes to individual router interfaces or by using VLANs.
Vendor Information
472363
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Apple Computer, Inc. __ Affected
Notified: July 30, 2008 Updated: March 12, 2009
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
See <http://support.apple.com/kb/HT3467> for more information.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23472363 Feedback>).
Extreme Networks __ Affected
Notified: July 30, 2008 Updated: April 27, 2009
Statement Date: April 24, 2009
Status
Affected
Vendor Statement
IPv6 enabled Extreme Networks products running EXOS software are affected by this vulnerability.
This issue is being tracked by PD4-693410691 for Extreme Networks products running EXOS software.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Force10 Networks, Inc. __ Affected
Notified: July 30, 2008 Updated: September 30, 2008
Statement Date: July 31, 2008
Status
Affected
Vendor Statement
Vendor Information
IPv6 enabled Force10 routers running FTOS, are affected by this vulnerability. The issue has been identified and fixed in our release E7.7.1.1 and all future releases. For a detail of description, impact, workaround and available fix, please visit our website at <https://www.force10networks.com/csportal20/KnowledgeBase/FieldAlerts.aspx> to view the complete text of the Field Alert.
FreeBSD, Inc. __ Affected
Notified: July 30, 2008 Updated: October 02, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The FreeBSD Security Team has released the FreeBSD Security Advisory FreeBSD-SA-08:10.nd6 response to this issue.
Addendum
See <http://security.freebsd.org/patches/SA-08:10/nd6-7.patch> for more information.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23472363 Feedback>).
IBM Corporation (zseries) Affected
Notified: July 30, 2008 Updated: August 05, 2008
Statement Date: July 30, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Juniper Networks, Inc. __ Affected
Notified: July 30, 2008 Updated: October 02, 2008
Statement Date: October 02, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
Juniper has posted a Security Bulletin about this issue addressing the security issues identified by VU#472363.
More information is available to registered customers at https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-09-036&viewMode=view
NetBSD __ Affected
Notified: July 30, 2008 Updated: October 29, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
See <ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc/> for more information.
OpenBSD __ Affected
Notified: July 30, 2008 Updated: October 03, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
See <http://openbsd.org/errata43.html#006_ndp> for more information.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23472363 Feedback>).
Wind River Systems, Inc. __ Affected
Notified: July 30, 2008 Updated: November 03, 2008
Statement Date: October 31, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
Wind River has analyzed VU#472363, and determined that VxWorks versions 6.5 and higher are not affected. However, VxWorks versions 5.x through 6.4 are affected. Register users can access Wind River’s online support for patches, and more in formation by following this link:
<https://portal.windriver.com/cgi-bin/windsurf/downloads/view_binary.cgi?binaryid=118544>
Or contact Wind River technical support for more information:
<http://windriver.com/support/>
3com, Inc. Not Affected
Notified: July 30, 2008 Updated: September 29, 2008
Statement Date: September 26, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Cisco Systems, Inc. __ Not Affected
Notified: July 30, 2008 Updated: November 07, 2008
Status
Not Affected
Vendor Statement
This is to confirm that no Cisco products are affected by the vulnerability described in Vulnerability Note VU#472363 titled: “IPv6 implementations insecurely update Forward Information Base”.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Computer Associates Not Affected
Notified: July 30, 2008 Updated: October 02, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Computer Associates eTrust Security Management Not Affected
Notified: July 30, 2008 Updated: October 02, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
D-Link Systems, Inc. Not Affected
Notified: July 30, 2008 Updated: September 29, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Debian GNU/Linux Not Affected
Notified: July 30, 2008 Updated: October 02, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Enterasys Networks __ Not Affected
Notified: July 30, 2008 Updated: September 26, 2008
Statement Date: September 25, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
Enterasys has researched CERT VU#472363 and concluded that none of the current Enterasys products are vulnerable. To ensure the highest level of security and as an extra precaution, Enterasys recommends being proactive by following network security and product configuration best practices.
F5 Networks, Inc. Not Affected
Notified: July 30, 2008 Updated: September 18, 2008
Statement Date: September 18, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Foundry Networks, Inc. Not Affected
Notified: July 30, 2008 Updated: October 02, 2008
Statement Date: October 01, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
McAfee Not Affected
Notified: July 30, 2008 Updated: September 18, 2008
Statement Date: September 18, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microsoft Corporation __ Not Affected
Notified: July 30, 2008 Updated: October 01, 2008
Status
Not Affected
Vendor Statement
After investigating this report, we determined this issue does not directly affect any Microsoft products.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Openwall GNU/*/Linux __ Not Affected
Notified: July 30, 2008 Updated: August 13, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Addendum
Openwall GNU//Linux does not officially support IPv6. We do not have IPv6 support enabled in our kernels by default (nor can the corresponding kernel module possibly get auto-loaded, which would be a concern on some other Linux systems - we also do not support module auto-loading). While it is probably possible to configure an Openwall GNU//Linux system with a custom kernel build such that it would be vulnerable, anyone doing so is acting on his/her own.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23472363 Feedback>).
PePLink Not Affected
Notified: July 30, 2008 Updated: September 19, 2008
Statement Date: September 19, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Q1 Labs Not Affected
Notified: July 30, 2008 Updated: August 04, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Quagga __ Not Affected
Notified: July 30, 2008 Updated: July 31, 2008
Statement Date: July 30, 2008
Status
Not Affected
Vendor Statement
Quagga is not impacted.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
RadWare, Inc. __ Not Affected
Notified: July 30, 2008 Updated: July 31, 2008
Statement Date: July 31, 2008
Status
Not Affected
Vendor Statement
We are not affected.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Red Hat, Inc. __ Not Affected
Notified: July 30, 2008 Updated: July 31, 2008
Statement Date: July 31, 2008
Status
Not Affected
Vendor Statement
We would like to inform you that Red Hat Enterprise Linux is not affected by this vulnerability as we never had any code that added routes in response to ndisc solicitations.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Redback Networks, Inc. Not Affected
Notified: July 30, 2008 Updated: September 29, 2008
Statement Date: September 26, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
SUSE Linux __ Not Affected
Notified: July 30, 2008 Updated: October 07, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
To the best of our knowledge Linux and therefore SUSE Linux based products are not affected by this problem.
SmoothWall Not Affected
Notified: July 30, 2008 Updated: September 19, 2008
Statement Date: September 19, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sun Microsystems, Inc. __ Not Affected
Notified: July 30, 2008 Updated: July 31, 2008
Statement Date: July 30, 2008
Status
Not Affected
Vendor Statement
Solaris IPv6 implementation is not vulnerable to this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
TippingPoint, Technologies, Inc. Not Affected
Notified: July 30, 2008 Updated: September 29, 2008
Statement Date: September 26, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
m0n0wall Not Affected
Notified: July 30, 2008 Updated: August 05, 2008
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ACCESS Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AT&T Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alcatel-Lucent Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avaya, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Barracuda Networks Unknown
Notified: September 18, 2008 Updated: September 18, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Belkin, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Borderware Technologies Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Bro Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CIAC Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Charlotte’s Web Networks Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Check Point Software Technologies Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Clavister Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Conectiva Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cray Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Data Connection, Ltd. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
DragonFly BSD Project Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
EMC Corporation Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Engarde Secure Linux Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ericsson Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fedora Project Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fortinet, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fujitsu Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Gentoo Linux Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Global Technology Associates Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Google Unknown
Notified: August 22, 2008 Updated: August 22, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Guidance Software, Inc. Unknown
Notified: August 22, 2008 Updated: August 22, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hewlett-Packard Company Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hitachi Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hyperchip Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM eServer Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IP Filter Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IP Infusion, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ingrian Networks, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intel Corporation Unknown
Notified: September 18, 2008 Updated: September 18, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Internet Security Systems, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intoto Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Linux Kernel Archives Unknown
Notified: August 22, 2008 Updated: August 22, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Luminous Networks Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Miredo Unknown
Notified: August 04, 2008 Updated: August 04, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
MontaVista Software, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Multitech, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NEC Corporation Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NetApp Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NextHop Technologies, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nokia Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nortel Networks, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Novell, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Process Software Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QNX, Software Systems, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Secure Computing Network Security Division Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Secureworx, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Silicon Graphics, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Slackware Linux Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Snort Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Soapstone Networks Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sony Corporation Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sourcefire Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Stonesoft Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Symantec, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Turbolinux Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
U4EA Technologies, Inc. Unknown
Notified: September 18, 2008 Updated: September 18, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ubuntu Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Unisys Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Vyatta Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Watchguard Technologies, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ZyXEL Unknown
Notified: July 30, 2008 Updated: October 02, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
eSoft, Inc. Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
netfilter Unknown
Notified: July 30, 2008 Updated: July 30, 2008
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
View all 103 vendors __View less vendors __
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 0 | AV:–/AC:–/Au:–/C:–/I:–/A:– |
| Temporal | 0 | E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND) |
| Environmental | 0 | CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND) |
References
- <http://tools.ietf.org/html/rfc4861>
- <http://tools.ietf.org/html/rfc4861#section-2.1>
- <http://www.ietf.org/rfc/rfc2461.txt>
- <http://www.ietf.org/rfc/rfc3756.txt>
- <http://www.ietf.org/rfc/rfc3177.txt>
- <http://tools.ietf.org/html/rfc3971>
- <http://docs.sun.com/app/docs/doc/817-0573/6mgc65bb6?a=view>
- <http://msdn.microsoft.com/en-us/library/ms900123.aspx>
- <http://en.wikipedia.org/wiki/Forwarding_Information_Base#FIBs_in_Ingress_Filtering_against_Denial_of_Service>
- <http://en.wikipedia.org/wiki/Reverse_path_forwarding>
- <http://www.openbsd.org/faq/pf/filter.html#antispoof>
Acknowledgements
Thanks to David Miles for reporting this vulnerability. Numerous vendors and others also provided technical information that was used in this report.
This document was written by Ryan Giobbi, Evan Wright, Chad Dougherty, and Art Manion.
Other Information
| CVE IDs: | CVE-2008-4404, CVE-2008-2476 |
|---|---|
| Severity Metric: | 2.70 Date Public: |
References
docs.sun.com/app/docs/doc/817-0573/6mgc65bb6?a=view
en.wikipedia.org/wiki/Forwarding_Information_Base#FIBs_in_Ingress_Filtering_against_Denial_of_Service
en.wikipedia.org/wiki/Reverse_path_forwarding
msdn.microsoft.com/en-us/library/ms900123.aspx
tools.ietf.org/html/rfc3971
tools.ietf.org/html/rfc4861
tools.ietf.org/html/rfc4861#section-2.1
www.ietf.org/rfc/rfc2461.txt
www.ietf.org/rfc/rfc3177.txt
www.ietf.org/rfc/rfc3756.txt
www.openbsd.org/faq/pf/filter.html#antispoof
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%