Vulners
Lucene search
Enumerate IPv6 Interfaces via SSH
#TRUSTED 0ac8f2940c16486db1b67cc37ebf6d8f87cd7c8f71bcc4ef28d3ab7d190999a4113e33019828789bfb05e2345def0e18be1bee255770371e1bcb0f2e3243f574ba8628777ceb91350f2fc0331f975dd54b158a214d95a14da49319ae8c51c8799d70e5f2361516ed9ec7fd772a7dcd984ccfee1b993b2226f28dd0fdedd3e45333345e95c3557678a9d71637e31c3030e5529951a1a646741c6dd25ebbdef0c33b5daa2e2f735f7a3f0fffcb3379b6bc1a0575659598f2aed1287156b3c9e835477f1e51ff03168fef9c87d9444b8eb60bb9aa43661c6efd6cdf1cf2f6e7810436af88dc3bc515018641d676d81730c7da94be9745310db5312df6e5ec08ba44936b0448ec5f53e64c4c78604e9e52d4f6eafd45de95a28709214ce3fa3d828fa9012ed92199cafe7fbf763228f37174956c66bb8299046e639329569f28e3dc3ba7824b0366bcfc535cff0f6358faf849615b32bbf8163789ce278b5ac617b51f7d4b2cd1a4d543349f524b042e22849f02e528cb3ba918d55c253b63d489a4092e4c0848e0f0994e0a4608a38d84c9617500b52771c4596f9754c0ce07e70c5c90aea9e8377dbb49c50b3a4d309090af8a72c60905bcc3982b59b8f743eadabe6d7722528b8703f6c50e8f178bf654c833f0424fd353cee4ee8f2d6b88b926b8708cc7fcf14815ea842084a84612cb76cafde7dc73eec6a2d7a3ebbf964605
#TRUST-RSA-SHA256 14eaa6870484c803afd68179a15ea92491a46b7a2b25ad72ff2d23762ab1c2fd3cd5754e1230eb8d7b422810fe03f7f737673b704948da0def32610d12b85b899b8a366454ddb18049e1d506c07e00ab69796bc56fe32849f98b4a5f0712e71c57be5b4264ca8e2986b01fc3fafd2e53dd2afabbd9d142d51b5c4104fdbf4c901573b92bccebc296bc9270a38739020f1687bbe623b590aece7f22e0d5408f008edbbc3bf9a6f1f66a58260b36371e83fbe22b532e81279d3ecaabecf825e1b9a3edf237d550e185588c671cbc708fa963c80cce6d1395409abce0866bc95a7e1ee5f4bbd527cddf370718c7f0501fca1fdfabd2c54946882c1aefa888a29d78c8f0f2deef0054c67df679285c9a253fcaa42ca2f1e6995799a4bd9c3882f37fced15c0728069d0e86f5d8fa8882cf88fa0e8aff80a43ff5654c906a2c3ba1d727c875f5cb473b189c6c394525ca0a78471e6b81e191073ab43f666e564ce5151b98eda6dbd409bb0ee878b287762a4008c4c795f9dd42da03c0d1d30f1a77a39ded244a6b17250cbb7cb0432718bd4a9a438b961285272045a9b17585c28f5551ac6c04afb68fc2b01b72e724a3f70697aaebeb8acff7592238a4867fb7510cb6f6e3a1628ff9620c184b80cd416e99e6ca32af4a052d9d71852cec10801cc1f30b9fcfc5db2119dfd3439693dd8335487bdcaba25d152fe9163342b02f9b31
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(25202);
script_version("1.21");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/24");
script_name(english:"Enumerate IPv6 Interfaces via SSH");
script_summary(english:"Uses the result of 'ifconfig -a' or 'ip addr show'.");
script_set_attribute(attribute:"synopsis", value:
"Nessus was able to enumerate the IPv6 interfaces on the remote host.");
script_set_attribute(attribute:"description", value:
"Nessus was able to enumerate the network interfaces configured with
IPv6 addresses by connecting to the remote host via SSH using the
supplied credentials.");
script_set_attribute(attribute:"solution", value:
"Disable IPv6 if you are not actually using it. Otherwise, disable any
unused IPv6 interfaces.");
script_set_attribute(attribute:"risk_factor", value:"None");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/05/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"agent", value:"unix");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"General");
script_copyright(english:"This script is Copyright (C) 2007-2025 Tenable Network Security, Inc.");
script_dependencies("ssh_get_info.nasl");
script_require_ports(
"Host/ifconfig",
"Host/netstat-ianf-inet6",
"Secret/Host/Cisco/Config/show_running-config",
"Host/Arista/EOS/show_interfaces",
"/tmp/Host/ExtremeNetworks/SLXOS/ipv6_addresses"
);
exit(0);
}
include("cisco_host_ip_enum.inc");
include('fortigate_host_ip_enum.inc');
include('arista_eos_func.inc');
var uname = get_kb_item("Host/uname");
var is_cisco = !isnull(get_kb_list("Host/Cisco/*"));
var is_fortigate = !isnull(get_kb_list('Host/Fortigate/*'));
var is_arista_eos_ios = !isnull(get_kb_list('Host/Arista/EOS/*'));
var is_extreme_networks_slx_os = !isnull(get_kb_item('Host/ExtremeNetworks/SLXOS'));
if (empty_or_null(uname) && !is_cisco && !is_fortigate && !is_arista_eos_ios && !is_extreme_networks_slx_os)
exit(1, 'No Host/uname, Host/ifconfig, or supported vendor KB items (Cisco, Fortigate, Arista EOS, Extreme Networks SLXOS) found on the host.');
var ifaces = NULL;
var dev = NULL;
var dev_ip_count = make_array();
# HP-UX
if ('HP-UX' >< uname)
{
var netstat = get_kb_item_or_exit("Host/netstat-ianf-inet6");
var match, ip_addr, iface_name;
var lines = split(netstat, keep:FALSE);
var netstat_pat = "^([^\s]+)\s+[0-9]+\s+([0-9a-fA-F:%]+)(\/[0-9]+)?(?:\s+[0-9]+)+";
foreach var line (lines)
{
match = pregmatch(pattern:netstat_pat, string:line);
if (isnull(match)) continue; # next
iface_name = match[1];
ip_addr = match[2]; #ipv6
if (isnull(dev_ip_count[iface_name])) dev_ip_count[iface_name] = 1;
else dev_ip_count[iface_name]++;
ifaces += strcat(' - ', ip_addr, ' (on interface ', iface_name, ')\n');
set_kb_item(name:"Host/iface/id", value:iface_name);
set_kb_item(name:"Host/iface/"+iface_name+"/ipv6", value:ip_addr);
set_kb_item(name:"Host/ifconfig/IP6Addrs", value: ip_addr);
}
}
else if(is_cisco)
{
var ip_array = cisco_host_ip_enum::get_ip_array(v6:TRUE);
for(iface_name in ip_array)
{
foreach(ip_addr in ip_array[iface_name])
{
if (isnull(dev_ip_count[iface_name])) dev_ip_count[iface_name] = 1;
else dev_ip_count[iface_name]++;
ifaces += strcat(' - ', ip_addr, ' (on interface ', iface_name + ')\n');
set_kb_item(name:"Host/iface/id", value:iface_name);
set_kb_item(name:"Host/iface/"+iface_name+"/ipv6", value:ip_addr);
set_kb_item(name:"Host/ifconfig/IP6Addrs", value: ip_addr);
}
}
}
else if(is_fortigate)
{
ip_array = fortigate_host_ip_enum::get_ip_array(ip_ver:'IPv6');
for (iface_name in ip_array)
{
foreach(ip_addr in ip_array[iface_name])
{
if (isnull(dev_ip_count[iface_name])) dev_ip_count[iface_name] = 1;
else dev_ip_count[iface_name]++;
ifaces += strcat(' - ', ip_addr, ' (on interface ', iface_name + ')\n');
set_kb_item(name:'Host/iface/id', value:iface_name);
set_kb_item(name:strcat('Host/iface/', iface_name, '/ipv6'), value:ip_addr);
set_kb_item(name:'Host/ifconfig/IP6Addrs', value: ip_addr);
}
}
}
else if(is_arista_eos_ios)
{
ip_array = arista_host_ip_enum::get_ip_array(ip_ver:'ipv6');
for (iface_name in ip_array)
{
foreach(ip_addr in ip_array[iface_name])
{
if (isnull(dev_ip_count[iface_name]))
dev_ip_count[iface_name] = 1;
else
dev_ip_count[iface_name]++;
ifaces += strcat(' - ', ip_addr, ' (on interface ', iface_name + ')\n');
set_kb_item(name:'Host/iface/id', value:iface_name);
set_kb_item(name:strcat('Host/iface/', iface_name, '/ipv6'), value:ip_addr);
set_kb_item(name:'Host/ifconfig/IP6Addrs', value: ip_addr);
}
}
}
else if (is_extreme_networks_slx_os)
{
var addresses = deserialize(get_kb_item('/tmp/Host/ExtremeNetworks/SLXOS/ipv6_addresses'));
if (typeof_ex(addresses) != 'array')
addresses = {};
for (var iface in addresses)
{
ifaces += strcat(' - ', addresses[iface], ' (on interface ', iface, ')\n');
set_kb_item(name:'Host/iface/id', value:iface);
set_kb_item(name:'Host/iface/'+iface+'/ipv6', value:addresses[iface]);
set_kb_item(name:'Host/ifconfig/IP6Addrs', value: addresses[iface]);
}
}
else
{
var ifconfig = get_kb_item_or_exit("Host/ifconfig");
var inet6 = egrep(pattern:"inet6", string:ifconfig);
if ( isnull(inet6) ) exit(0, 'No IPv6 addresses found.');
lines = split(ifconfig, keep:FALSE);
var ifconfig_regex = "^(\d+: )?([a-z\-]+[\-a-z0-9]+(:[0-9]+)?)[: ].*";
foreach line ( lines )
{
if ( line =~ ifconfig_regex )
{
dev = ereg_replace(pattern:ifconfig_regex, replace:"\2", string:line);
if ( dev == line ) dev = NULL;
if (!isnull(dev)) dev_ip_count[dev] = 0;
}
if ( "inet6" >< line )
{
var addr = ereg_replace(pattern:".*inet6( addr:)? ([0-9a-f:]*).*", string:line, replace:"\2");
if ( !empty_or_null(addr) && addr != line )
{
ifaces += ' - ' + addr;
set_kb_item(name: "Host/ifconfig/IP6Addrs", value: addr);
if ( !empty_or_null(dev) )
{
ifaces += ' (on interface ' + dev + ')';
dev_ip_count[dev]++;
# for reporting
set_kb_item(name:"Host/iface/"+dev+"/ipv6", value: addr);
set_kb_item(name:"Host/iface/id", value:dev);
}
ifaces += '\n';
}
}
}
}
var aliased;
foreach dev (keys(dev_ip_count))
{
aliased = dev_ip_count[dev] > 1;
if (aliased)
set_kb_item(name:"Host/iface/"+dev+"/aliased", value:TRUE);
}
if ( strlen(ifaces) )
{
security_note(port:0, extra:'\nThe following IPv6 interfaces are set on the remote host :\n\n' + ifaces);
}
else exit(1, 'Unable to parse any IPv6 addresses.');
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Sep 2025 00:00Current
5.5Medium risk
Vulners AI Score5.5