SOL9528 - IPv6 Neighbor Discovery Protocol (NDP) vulnerability - CVE-2008-2476 - VU#472363

2008-12-18T00:00:00
ID SOL9528
Type f5
Reporter f5
Modified 2013-03-26T00:00:00

Description

The IPv6 Neighbor Discovery Protocol (NDP) implementation does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic by way of a spoofed message that modifies the Forward Information Base (FIB).

Information about this advisory is available at the following locations:

Note: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2476>
<http://www.kb.cert.org/vuls/id/472363>

F5 Product Development tracked this issue as CR111056 and CR111064 and it was fixed in BIG-IP 10.0.1 and Enterprise Manager 2.0.0. For information about upgrading, refer to the BIG-IP LTM, GTM, Link Controller, ASM, PSM, WebAccelerator, WOM, or Enterprise Manager release notes.